Onestop IT Solutions provides IT services to your business. Established in 2003, OnestopIT has grown to a staff of 9 with 3 offices covering Edinburgh and Glasgow. The team offers IT support, IT strategy, IT security and IT compliance support. At Onestop IT we care about understanding the specific needs of your organisation and translating these needs into action plans to support and develop your business.
Cloud-based storage and applications are touted as the way of the future, promising organisations greater flexibility and productivity as well as fewer IT-based headaches. But understandably, many business leaders still have their questions about the security of these systems: how safe is their company data when it’s being stored on a separate company’s servers? How Discover more The post Your Guide To Office 365 Security Strengths & Weaknesses appeared first on Onestop...
Cloud-based storage and applications are touted as the way of the future, promising organisations greater flexibility and productivity as well as fewer IT-based headaches. But understandably, many business leaders still have their questions about the security of these systems: how safe is their company data when it’s being stored on a separate company’s servers? How effective are these products at filtering out cybersecurity threats? What if our internet cuts out one day?
To help answer these questions and more, we’ve put together a guide to the strengths and weaknesses of Office 365, which is one of the most popular of these cloud-based suites available today. Read on to discover where Office 365 excels (pun intended) and where you might want to add an extra layer of protection for your productivity and company data with third-party products like TitanFiltering.
One of the best things about cloud-based applications like those offered by Office 365 is that they support remote working. As telecommuting becomes more of a norm due to how much it boosts productivity and employee satisfaction, organisations need tools that make working from home easy and allow everyone to stay in the loop.
Office 365 supports remote working by offering access to their applications wherever you are and there’s no need to download anything onto your device: simply log on via the internet and get access to all of your files on the go. A single user can access their account through up to five different devices, meaning that you can check your emails while waiting for your flight at the airport on your phone or finish that PowerPoint presentation at home on your laptop the night before a big meeting.
That being said, as O365 products rely on access to the internet, a slow connection could mean loss of productivity. However, if this is a common occurrence for you, you can opt for an O365 plan that allows you to download full desktop versions of these products to keep working even if your wifi cuts out unexpectedly. Simply upload your progress onto the cloud-based version to save your work once the internet picks up again.
There’s no confusion as to what the latest version of a piece of work is or who made the latest updates to it: with Office 365, there’s only need for one document for each piece of work and you can easily track changes and who made them in real-time. You can even create your own social network for your company with Yammer, making collaboration and keeping up with colleagues even easier.
That being said, working with external bodies that don’t use O365 can throw a spanner in the works of seamless collaboration. Luckily, there are ways around this: you can use Office Online to allow people who don’t have an O365 subscription to view and edit relevant files. That being said, this tool is very limited in its functionality.
Once upon a time, it fell on the shoulders of IT departments everywhere to download software updates for products used by their employers. This took time out not only out of their days but also those whose computers IT staff were updating. With cloud-based suites like O365, this is no longer the case as updates are installed automatically.
This allows your staff to be more productive and for everyone to have access to the latest versions of Office products with no added cost. What’s more, the majority of people grew up using Microsoft Office products like Word and PowerPoint, meaning they’ll adopt updates easily as they have a lot of experience in using these products.
The automatic updates with advanced features that Microsoft rolls out for its O365 products on a regular basis are useful only when your systems support them. When it comes to older hardware and operating systems, devices can struggle to utilise these new features to their full potential. Getting around this issue is both costly and time-consuming. To gain full use of advanced features, you’ll have to update your hardware, operating systems or both.
Some people still have their hesitations about moving to the cloud and putting their data in the hands of a third party. Cloud-based suites are not necessarily any safer or riskier than systems that rely on hardware or your company’s private network because no system is perfect.
Microsoft has its own, strict policies in place around data protection that could clash with the way you do business. For example, some types of files can’t be uploaded onto their servers. If you find yourself in a situation where O365 interferes with your organisation’s common practices, you may want to consider something like their Enterprise solution that allows you to control your own data.
And while they’re by no means commonplace, there have been outages for the Office 365 suite in the past. During downtime caused by outages, people can experience difficulties accessing their data stored on cloud-based products. This is why it’s important that organisations have a plan B in case this ever happens.
Office 365 makes for a very popular target for cyber attacks due to its widespread use worldwide. To combat these threats, Microsoft has developed many sophisticated security features. For example, O365’s Data Loss Prevention feature allows businesses to monitor, regulate and protect sensitive business data.
Meanwhile, Threat Intelligence offers a broad view of the current cybersecurity threat landscape and Mobile Device Management allows your IT department to manage mobile access to company data and remotely wipe any stolen devices. Microsoft’s Advanced Security tool helps those who find that the other O365 security features don’t cut it by filtering out more advanced threats and by offering features like multi-factor authentication.
While O365 is protected by many innovative security features, these lack the ability to predict the latest threats. Third-party tools like TitanFiltering use predictive machine learning technologies to recognise threats before they’re added to lists for well-known data security threats. This means that in order to have zero-day protection from advanced cybersecurity threats, you’ll need to deploy a third-party solution.
As you can see from the list of strengths and weaknesses above, Office 365 is an excellent set of products that are designed with the modern workplace in mind. That being said, as with any piece of technology, O365 does have its blind spots.
We’ve already mentioned some of the ways to combat these throughout this article, but many organisations would also greatly benefit from patching up the built-in security features of Office 365 with third-party tools.
In next week’s blog post, we’ll go over how TitanFiltering can do just that. In the meantime, check out more articles on cybersecurity and IT strategy on our blog, check out our events page and have a look at our free IT resources for business leaders.
The post Your Guide To Office 365 Security Strengths & Weaknesses appeared first on Onestop IT.
Do you know how computer viruses spread? How about what tools hackers use to gain access to your computer so that they can record everything you do on it? Viruses and spyware are terribly scary prospects to most internet users. However, most people don’t have a very comprehensive understanding of how they can Discover more The post Protect Yourself Against Spyware & Viruses With These 6 Tips appeared first on Onestop...
Do you know how computer viruses spread? How about what tools hackers use to gain access to your computer so that they can record everything you do on it? Viruses and spyware are terribly scary prospects to most internet users. However, most people don’t have a very comprehensive understanding of how they can protect themselves or their business from these weapons of cybercrime.
That’s why today, we’re going over how computer viruses and spyware work as well as offering you six ways you can protect your organisation from these IT security threats.
Just like a virus that gives you the flu, a computer virus works by replicating and spreading itself from host to host. A virus always spreads through some form of programming, such as a document or a file that can install malicious code onto your device. After this code has been installed, it’ll lie dormant until the programme it has infected is run. Once your computer has been infected with a virus, it can also spread to other computers in your network.
After a computer virus has been activated, it can wreak havoc by stealing your data or login details, spamming your contacts or even taking control over your device completely. Some telltale symptoms of a computer virus include slow performance and frequent crashes, unexpected password changes, mass emails being sent from your account and strange pop-ups and computer programmes appearing on your screen.
Spyware is exactly what it sounds like: software that spies on you in order to steal your data. Some types of spyware are relatively harmless and simply record your internet usage for marketing purposes. More malicious forms of spyware can gain access to almost everything you type on your computer, including your emails and other messaging tools and the login details to your online accounts.
Hackers can then use this information to commit fraud, steal your identity or sell your information on the dark web to the highest bidder. Signs that your device might have been compromised by spyware are similar to those of a computer infected by a virus.
Let’s be honest here: very few people actually take the time to read through those long user agreements they get when signing up for an online service or downloading a software product. However, taking some time to read through the small print here could be the thing that protects you from getting infected by spyware.
So look through licensing agreements and privacy statements before agreeing to them. Look for mentions of data gathering and sharing information with third parties. You can always use the “find in page” function (Ctrl + F in Windows, Cmd + F in Mac) to search for mentions of these in long documents.
There are a few things you can configure in your web browser settings that can help you protect yourself against viruses and spyware. First of all, you should consider blocking third-party cookies. While many cookies are absolutely harmless and even useful, some are used for malicious purposes.
You can disable third-party cookies altogether and create a whitelist of trustworthy websites you’ll allow cookies from. This way you can still enjoy websites you know aren’t malicious.
Another measure you can take is blocking your computer from running scripts without your explicit permission – most web browsers support this. Scripting is something malicious websites often use for installing harmful code on your computer, so disabling this helps protect you from many viruses and other cyber attacks.
A common way that viruses and spyware get onto your computer network is when someone clicks a dodgy link in a spam email or pop-up window. These might look like legitimate messages from sources you trust, such as your bank asking for your log-in details or your operating system telling you to download a free anti-virus product or a software update. They could also offer you something that seems too good to be true, like a free iPhone.
There are a few best practices you can follow to distinguish between genuine messaging and phishing attempts, and our next blog post will go into more detail into how to do this. The two rules of thumb you should keep in mind is to always look at the details of the message to figure out whether it’s authentic and that if something sounds too good to be true, it probably is.
We’ve all heard horror stories about people clicking on phishing links in emails that seem genuine, but do you know what a malicious email actually looks like? Want to test how savvy you and your employees are when it comes to distinguishing between genuine and malicious emails? Get in touch with us for a free phishing IT security test for your organisation.
This is a very simple step to take to protect yourself from viruses and spyware, yet many people neglect to take it. You should use a different password for all accounts and make sure that they are strong. A strong password is a combination of upper and lower-case letters, numbers and special characters.
Your password shouldn’t be something personal that can be guessed easily, such as a name or a birthday. You should also change passwords regularly. If you need a helping hand creating strong passwords and keeping track of them all, consider signing up for a secure password folder service. LastPass and 1Password are just two of the many options out there.
Using a variety of products – from firewalls to anti-virus and anti-malware software – gives you a strong layer of protection from spyware and computer viruses. You can read more about how firewalls work and how to use one to protect your organisation with one in our recent blog post here.
Anti-malware and anti-spyware products protect your computer and its associated network from spyware and viruses by scanning your incoming network data and isolating or blocking any threats it finds.
DNS stands for Domain Name System, which is, simply put, the phone book of the internet. When you enter a URL into your browser, DNS servers take this written data (e.g. google.com) and translate it into a string of numbers known as an IP address.
DNS servers are the reason we can easily search for the website we want online without having to memorise long IP addresses, but this system is susceptible to cyber attacks. That’s why organisations that take their cybersecurity seriously should consider purchasing DNS protection to shield themselves from hackers. The DNS service we recommend is Webroot DNS.
This cloud-based service takes just minutes to set up and gives you detailed on-demand reports on things like the threats that the service has shielded you from. You can also use this product to block access to potentially dangerous or unwanted sites, such as sites linked to malware or adult content.
We should remind you here that DNS protection alone isn’t enough to shield you and your organisation from cybersecurity threats. While a DNS protection service will add a good layer of security to your computer network, it’s not enough to protect your devices and sensitive data – it should only make up one part of a comprehensive cybersecurity strategy.
The post Protect Yourself Against Spyware & Viruses With These 6 Tips appeared first on Onestop IT.
As we said in our previous blog post, your business reputation is incredibly important and online reviews of your products and services can make or break your business. That’s why you need a strategy for getting more reviews from your customers and ways to use these to display your excellence. Don’t assume your clients will Discover more The post How To Boost Your Company Reputation With BizRatings appeared first on Onestop...
As we said in our previous blog post, your business reputation is incredibly important and online reviews of your products and services can make or break your business. That’s why you need a strategy for getting more reviews from your customers and ways to use these to display your excellence.
Don’t assume your clients will remember to review you without you offering them some gentle reminders – you can do just this with BizRatings. Read on to find out how you can use this tool to get more reviews, gain more visibility for your business online and improve on your customer experience.
These days, most people check online reviews before purchase and it’s easy to see why. When looking up what other people have thought about a restaurant, IT company or a new mobile phone can be done in just a few clicks, it would be silly not to see if other people have enjoyed the product or service you’re considering.
And these opinions really do matter: it takes an average of twelve positive reviews to offset a single negative one. So getting a good number of genuine, helpful reviews – especially positive ones – is integral to your company reputation.
Our recommended tool for getting more customer reviews and improving your company reputation online is BizRatings. This is a tool that allows you to send automated emails to your clients to ask for a review or so that you can showcase your expertise online and quickly address any issues your customers are facing.
You can showcase your reviews on your BizRatings profile, your own website as well as third-party sites like Google My Business, Facebook and Yelp. When your customers go to leave you a review with BizRatings and their rating is above a threshold you’ve set, they get the option of posting their review on a third-party review site as well as your BizRatings profile. This allows you to get greater benefits from a single review.
BizRatings reviews also get ranked by all major search engines and in this way, they’ll also improve your SEO. In practice, this means that when people search for the kind of products or services you offer, your website will feature higher in their search results, likely with a snippet of text from a positive review left by an existing customer.
Apart from online reviews, you can use BizRatings to send out regular customer surveys. This allows you to gain more insight into how individual employees are doing, what unique needs your customers have and how your company can help them solve their problems.
You can get started with BizRatings for free if your company has 50 or fewer employees. If you have more employees than this or need more complexity than what’s included in the basic package, see the full pricing details here.
After signing up and claiming your business for free, you can import the contact details of your customers and send them a simple email survey so they can share how they think you’re doing. You’ll be able to customise the headline and copy of the email as well as the primary question you want your customers to answer. You can send up to three emails after purchase to a customer thanking them and asking them for a review.
When they click to give you a score on your primary question, they’ll be given the option to expand on their views by writing a review. You can also set up to five additional questions they can answer to get more detail on where you’re excelling and where you still have room for improvement.
After a customer has left a review, you’ll have a chance to look over it and choose whether or not you want to display it on your profile. You might be tempted to publish only positive reviews, but we wouldn’t recommend doing this. A variety of ratings gives your company more legitimacy and if you simply delete negative reviews, the customers who left them will feel even more let down by your unwillingness to address issues.
Instead of deleting bad reviews, you should view them as an opportunity to do better. Respond quickly and thank them for taking the time to share their opinion. Then, do your best to make it right – any freebies you can offer here go a long way. Share with them the steps you’ll take to make sure this won’t happen again – this way, you just might win a client for life!
If you need help getting started with BizRatings or would like more information on how it could benefit your IT strategy, get in touch with us. To read more about why your business reputation matters, check out our previous blog post on this topic. While you’re at it, why not read some of our other business blog posts? Have a look at our events page for details for a chance to meet us in person.
The post How To Boost Your Company Reputation With BizRatings appeared first on Onestop IT.
In this day and age, having a good flow of genuine customer reviews posted about you online is integral to making your business a household name in your local area. Google reviews are one of the best ways to raise your online profile and improve your company’s offering which is why today, we’re going over Discover more The post The Power of Google Reviews For Gaining Online Visibility appeared first on Onestop...
In this day and age, having a good flow of genuine customer reviews posted about you online is integral to making your business a household name in your local area. Google reviews are one of the best ways to raise your online profile and improve your company’s offering which is why today, we’re going over the reasons behind this as well as how to start getting more reviews from your customers.
This goes for both your potential customers searching for a business like yours as well as Google itself. We’ve already mentioned how most people now read online reviews before purchasing in a previous blog post.
Online reviews build your business reputation by giving your operation legitimacy: even if some of the reviews you get are critical, having a good number of people rate your business shows that you run an established business that is well-known in your local area. You shouldn’t be too scared of bad reviews, either. In fact, one study found that 68% of people trust your company better when both positive and negative reviews are posted about it.
Picture this: you’re searching for a new hairdresser in your local area, so you take to Google to find one. The first element in the search results is a map that displays three salons near you: one with no reviews, one with two five star reviews and one with 120 reviews with an average of 3.6 stars. Which one would you choose?
Chances are, you’d go for the last option. Having a large number of reviews, even if some of them are critical, shows that a business has been operational for a while and had a chance to hopefully grow from the feedback they’ve got. The same should go for your business.
SEO, or search engine optimisation, encompasses all the ways you can make your website more visible in search engine results. When you type something into Google’s search bar and press ‘enter’, different algorithms and site-crawling bots are used to find the most relevant web results to display to you.
There are many ways to improve your position in the results page of search terms relevant to your business. Collecting customer feedback in the form of online reviews is a particularly time and cost-effective way to do just this.
Asking people to leave reviews for you on Google takes very little time and can make you rank for relevant keywords even if they aren’t widely used on your website. If, for example, your company offers accounting services for small businesses, people mentioning their experience with this service in their review will make your website appear higher in search results for people searching for accounting in your area. This is because reviews mentioning accounting communicate to Google that this is something your business is well-known for.
Collecting online reviews means you also get access to valuable feedback on your business: while a negative review isn’t something you want to see, it gives you an excellent chance to consider whether there’s a way to improve the way you do business.
Whether it’s giving more attention to speeding up customer service, adding a new feature to a product or even offering a completely new service, constructive criticism helps you grow. Make sure to answer to all reviews you receive and communicate how you’re striving to do even better. This way, you show your customers that you care about their opinion.
Remember that whether you like it or not, people are going to leave reviews of your business online. That’s why you’re in a better position if you reclaim your business page on relevant review sites and make the most of the reviews people leave you. But with so many different review sites out there, why should your focus be on getting Google business reviews?
There are a number of reasons why Google should be your first priority when collecting online reviews. First of all, it’s easy for most people to leave a Google review: anyone with a Gmail or YouTube account will be able to rate you without much effort. You can even get a link to give to them to access the review page directly. In contrast, you have to create an account of its own for Yelp reviews, which takes time and effort.
Another issue with Yelp reviews is that for better or worse, their spam filter for reviews consistently weeds out a good number of genuine, well-meaning reviews as well as ones that have been paid for or that contain defamatory material. This means that if someone creates a Yelp account so that they can leave you a well-thought-out review, you might never see it because the poster hasn’t reviewed any other businesses in the past and Yelp thinks they might be posting a fake review.
Meanwhile, Google removes very few reviews and you have to argue your case to get one removed from your business page. While this can sometimes be a pain, it does mean you get a more complete and authentic idea of a company’s online reputation with Google reviews.
As we hope you’ve gathered by now, we encourage you to not only accept the fact that people will review your business online whether you like it or not but to actively seek out more of them. Asking friends and family as well as trusted long-time customers of your business to leave a review is a good way to get the ball rolling.
When it comes to getting more online reviews for your business, BizRatings is our recommended tool. By connecting your BizRatings account to your Google My Business page, you can give your customers an easy way to review you online.
Here’s how it works: after creating your BizRatings account and importing your contacts, you can use the site to send up to three customisable emails to customers thanking them for their purchase and asking them to take a minute to rate your business by clicking the rating scale in the email.
If you’ve connected your BizRatings and Google My Business accounts, your customer will be given the chance to share their review on Google as well as your BizRatings profile as long as their review meets the parameters you’ve set for the reviews you want to be posted to Google as well. BizRatings makes it easy for your customers to remember to review you by sending automated reminders to them after purchase. By installing the BizRatings widget on your website, you can also display your reviews on your own site.
If you’d like to learn more about why your business’ online reputation matters and how BizRatings can help with this, check out our blog posts on this subject. And while you’re at it, why not check out the rest of our blog posts? We post new articles on business, IT strategy and cybersecurity every week.
The post The Power of Google Reviews For Gaining Online Visibility appeared first on Onestop IT.
The way people choose the businesses they buy products and services from has changed fundamentally with the near-universal adoption of the internet and its various review sites. While in the past, people learned about products and services largely through word of mouth, today, online reviews on sites like Google, Facebook and Yelp could make or Discover more The post Why Business Reputation Matters & How To Boost It Online appeared first on Onestop...
The way people choose the businesses they buy products and services from has changed fundamentally with the near-universal adoption of the internet and its various review sites. While in the past, people learned about products and services largely through word of mouth, today, online reviews on sites like Google, Facebook and Yelp could make or break your business.
These days, people place a lot of trust online reviews: one survey found that 88% of people trust reviews on Facebook and Yelp just as much as personal recommendations. With this in mind, today we’re going over why a strong online reputation is crucial for any modern business and how you can boost this through online reviews.
Your business reputation is how the outside world sees your business. It consists of things like your company ethics, commitment to your customers, the quality and value that you offer as well as your management and vision for the future.
A good company reputation also means answering customer queries quickly and not blaming your customer but rather seeking to rectify any issues yourself. It’s about showing corporate responsibility by giving back to the wider community and keeping on top of the latest technology developments and innovations in order to be seen as a market leader in your field.
While it might be difficult to put an exact figure on the financial impact that a bad company reputation could have on your business, there are studies and some real-life examples that can help illuminate this a bit better.
A Harvard Business School study found that for restaurants, there was an estimated 18% difference in revenue between 3-star and 5-star establishments. Meanwhile, a construction company was awarded $750,000 for lost revenue after it sued someone for a defamatory review published on Yelp and a site called Angie’s List. These examples go to show that the financial consequences of as few as one bad online review can be huge.
Another way a poor business reputation can negatively affect your company’s financial standing is the way it can cause trouble attracting and retaining the top talent in your field. Surveys suggest that 76% of people would be unlikely to accept a job offer from a company with a bad reputation, even if they were unemployed, while one in two might say yes if they received a significant pay rise with their new job at a company with a poor reputation.
Additionally, a LinkedIn study found that companies with a good online reputation had a 28% lower turnover rate, meaning that hanging onto talented staff is easier when they’re proud of where they work.
Choose only a few sites you want to get reviews on and complete profiles for them with essential information about your company. Focusing on fewer sites means you have your reviews more centralised. This means that your would-be customers can appreciate the full scope of your company reputation and that you can monitor it more carefully. Adding details like pictures, opening hours and directions means your potential customers have all the information they need in one place and that they have fewer barriers for purchasing from you.
To attract more reviews, make sure your customers know where they can leave a review. So ask your favourite clients in person if they could leave you an online review. Additionally, add a call to action asking for reviews into sales literature, at the end of emails and on receipts.
Remember to ask for a review as soon as possible after a customer has bought from you as their memory will be fresh. Our next two blog posts will go into more detail on how to get more online customer reviews for your business, so stay tuned.
Whatever you do, never buy fake reviews. If you’re unfamiliar with this phenomenon, fake reviews are a common way for shady businesses to artificially boost their business reputation online by paying for people to post fake reviews that praise them. So even if you’re putting in lots of hard work building your reputation the honest, organic way, a morally questionable competitor could be stealing your thunder with fake reviews.
Paying for online reviews is a bad idea because if you get found out, your reputation will suffer immensely. Likewise, if you get customers expecting outstanding products and services, they are more likely to be sorely disappointed if your company offering doesn’t match the expectations that fake reviews have built for them. This can lead to some angry backlash on review sites.
Once the reviews start coming in, you should make the most of them by interacting with the customers who have taken the time to review you: make sure you thank people who’ve left positive reviews both online and in-person and respond to negative reviews quickly with sincere apologies and offer ways to fix the issue. Sign up for alerts from review sites to be notified when someone reviews you: this will allow you to respond to them quickly.
Make sure you show that you’re taking steps to learn from the feedback you’re getting by adding this level of detail to your responses to critical reviews. And remember to thank your customer even for a negative review and remain courteous and apologetic even if you feel like the criticism isn’t fair. While it may be difficult to do so, offering a refund even if you strongly feel your customer is wrong can help mitigate the impact of their negative review.
Keep in mind that customers often vent their frustrations in the form of negative online reviews as a last resort, so make sure you provide ample opportunities for customers to get in touch with you directly to rectify any issues before they take to the internet to complain about you.
The post Why Business Reputation Matters & How To Boost It Online appeared first on Onestop IT.
Do you know how often your employees change their passwords? Do you have guidelines in place around setting strong, separate passwords for each online account? If you do, good for you! However, this alone isn’t enough to secure your online accounts anymore. With cybercriminals coming up with new ways to steal your Discover more The post How To Use Multi-Factor Authentication For Cybersecurity appeared first on Onestop...
Do you know how often your employees change their passwords? Do you have guidelines in place around setting strong, separate passwords for each online account? If you do, good for you! However, this alone isn’t enough to secure your online accounts anymore.
With cybercriminals coming up with new ways to steal your login details every day, it’s important that you take an extra step to protect sensitive data stored on online accounts linked to your organisation. This extra step is called multi-factor authentication (MFA). In today’s blog post, we’ll go over the basics of this cybersecurity tool and give you examples of the kinds of products available to you.
People have been using passwords to protect sensitive information and locations for centuries. However, in the modern digital landscape, passwords are insufficient for protecting your confidential accounts on their own. This is because even though password technology has improved over the years, so have the ways cybercriminals can steal these credentials.
The biggest issue with relying on a password alone is that it doesn’t have a way of verifying your identity: anyone who knows your password can get access to your account unless you use multi-factor authentication. Without an MFA tool, if someone within your organisation falls victim to a phishing attempt or something similar, cybercriminals can easily access your accounts and do anything they want with them.
This kind of cybercrime is so common that a 2019 Verizon report named passwords as the single biggest source of data breaches, accounting for 81% of all cases. Most people have very similar, often not strong enough, passwords for different accounts, and company-wide password policies are hard to enforce. This is where multi-factor authentication can help you.
Multi-factor authentication (MFA) relies on two or more login methods that can be categorised by the following three ways:
Multi-factor authentication isn’t strong because each and every tool it uses is strong enough to protect your accounts on its own. Instead, MFA is strong because by using multiple ways of identifying you, these different tools complement each other, picking up slack where the other tools you’re utilising have blind spots. While someone might have access to your password, it’s much harder for them to obtain or fake something like your fingerprint.
Some other methods an MFA tool might utilise include security questions and behavioural analysis. You can use your smartphone to add an additional layer of authentication by adding automated phone calls, SMS security codes and biometrics like face recognition to your security repertoire.
We recommend that for the most ease possible, you look for an MFA tool that offers adaptive authentication and single sign-on.
Adaptive authentication is a form of behavioural analysis that compares the details of a login attempt to your past user behaviour. If you always login to a certain account during office hours and on your company network, your adaptive MFA tool will stop asking for a second authentication after you put in your password once it has noticed this pattern in your behaviour.
However, if there is a login attempt that differs from your established routine, you’ll be asked to verify your identity by one of your previously set up authentication methods. So, if there is a login attempt made through public wifi in a cafe late at night, you might get a push notification on your phone that asks you to verify your login attempt as coming from you.
By learning the way you work, adaptive MFA eliminates the headache of having to submit multiple authentication methods each time you log into your accounts.
Single sign-on (SSO) capability offers similar ease to signing in to all of your accounts by creating a single, secure location for all of your passwords. With an SSO solution utilised, you can sign into your account with something as simple as tapping once on a push notification on your smartphone.
This means that you don’t have to remember a separate password for every account. This can be extremely useful for those among your staff who are reluctant to use different passwords for different accounts: while this is a cybersecurity best practice, it’s often not followed and is hard to enforce as a policy.
If you’re only just getting started with multi-factor authentication, it’s a good idea to start with a tool that is either free or relatively inexpensive. With this in mind, we’ve collected four MFA technologies below that are perfect for those looking to use this technology for the first time.
Google’s MFA tool is simple and free to use and available for both iOS and Android. To gain access to your online accounts, you’ll have to capture a QR code. You’ll need to download a QR code reader onto your phone in order to use this tool, but since it’s a free app, it’s worth the extra setup step.
LastPass offers both free and paid accounts which give you access to your own secure password vault. You can also create shared vaults for accounts that need to be accessed by multiple people in your organisation. Apart from single sign-on, LastPass can make your life easier with their two-factor authentication that allows you to log in with one-tap push notifications.
Microsoft’s free authenticator app is available for Android, iOS and Windows 10 Mobile. For third-party websites, login is made through capturing a QR code, while for your Microsoft accounts, you can get access through a simple one-tap notification, just like with LastPass.
The YubiKey is the only MFA tool on our list that relies on a physical security key, but it’s by no means the only one on the market. We decided to feature this Yubico product today because it’s an affordable, very secure option for smaller organisations. The YubiKey is a small, waterproof USB stick that gives you secure access to your online accounts. After entering your username and password, you simply press the button on your key and get signed in.
If you want more information on the best ways to boost your organisation’s cybersecurity, have a look through some more of our articles on the subject on our blog. Make sure to also check out our events page and online IT resources to access more of your IT security expertise. If you’d like to talk to our IT experts, get in touch with us through the link below.
The post How To Use Multi-Factor Authentication For Cybersecurity appeared first on Onestop IT.
Or if you prefer use one of our linkware images? Click here