Have you heard about 2SA or 2FA? In ‘tech talk’, it stands for two-step or two-factor authentication and it is the latest move in online security being adopted by big brands to prevent breaches.

So how does it work and should you be using it where you can in your business?

To put it simply, it is a tightened security measure and is similar to adding a second lock on your door. It gives you two layers of security instead of one and makes it significantly more difficult for hackers to gain access to your accounts. Not only do they need your password but they also need either a code generated on your device, SMS sent to your phone, your fingerprint or to pass facial or voice recognition.

Software giant, Xero is one of the latest brands to advise users that they are shifting towards this security measure. Although it will be optional for most users, for professionals in the areas of tax and bookkeeping, it will be a mandatory requirement from March.

Big banks, Apple, Gmail and some government agencies are just some of the other companies who also utilise two methods of verification for logins.

With cybercrime on the increase and criminals becoming very clever at tapping into your accounts, it is more important than ever for businesses to take preventative steps to protect themselves.

2016 cybercrime figures released by security software giant, Norton show that over the course of the year, 689.4 million people globally were affected. When it comes to businesses, some of the common breaches centre around weak passwords, insecure remote access software and employee activity.

So besides utilising 2SA or 2FA, what other steps can you implement to reduce your risk of an attack on your business?


Up the password anti

With so many passwords to remember, it can be a nightmare to stick to best practice rules when it comes to securing your logins. Annoying or not, the fact remains that it pays off to be stickler in this area of security. So what are the top recommendations when it comes to passwords?

  • Use a minimum of 12 characters and include a mix of letters, numbers, symbols and capitals;
  • Use a different password for each login;
  • Avoid sharing passwords in the office;
  • If your employees access emails or other business information from a mobile device, ensure they have a PIN, password of fingerprint authentication activated; and
  • Don’t use your generic business email address for social media logins. Opt for something that is not publicly advertised. This makes it considerably more difficult for hackers to guess.


Educate your team

Assuming your staff are in the know about online security can lead to breaches. Whatever their role, it is important that they are provided with basic training to support them to make informed decisions. So where do you start?

  • Show them how to identify suspicious emails and not to click on questionable links;
  • Advise to never enter a password on a login page that looks suspicious; and
  • Request that they don’t use public wifi to login to work emails or other portals that contain business related information.


Invest in security software

With so much of your business online it pays to use reputable anti-malware software. In order to best protect your business, it is important to keep it up-to-date and install updates as they are released. Also advisable is to complete regular back ups so that should a breach occur, you still have access to your files.


For more information about online security, speak to your software or IT provider. Alternatively visit Stay Smart Online, a free government resource.


GENERAL ADVICE WARNING | This communication has been prepared on a general advice basis only. The information has not been prepared to take into account your specific objectives, needs and situation. The information may not be appropriate to your business needs and you should seek advice from an IT professional before making any decisions.