• Client Portal
    • Support
    • Contact Us
    • 1.800.541.0450
    • Request a Free Consultation
ICS_Logo_transparent.png
  • Practice Groups
  • Services
  • Partners
  • About Us
  • News & Events
  • Resources
  • Blog
Innovative Insights

Common Two-Factor Authentication (2FA) Solutions

Posted by William Pate | December 13, 2016 7:16 AM |

  • Tweet

 

At Innovative Computing Systems, we promote a cybersecurity perspective called “defense-in-depth.” Essentially, we believe law firms, legal departments and individuals need more than one or two layers of information security. Users and clients must be confident that even if one defense fails, another will stand up and attempt to prevent or mitigate an attack. We have long recommended that clients utilize two-factor authentication as one of those layers of defense.


2FA
Two-factor authentication is the use of two different means to verify your identity.


With 2FA, a user who attempts to log on to a workstation or to access protected programs and/or files is prompted to identify him- or herself via a second factor. This is done by a means other than that same computer and login/password combination, such as using one’s smartphone with an SMS (text) message, a hard token or even a phone call. Two-factor authentication is simply another way to make sure that the user is the expected individual by requiring another form of identification. It’s the technological version of two checkpoints instead of one.


For users not concerned with the under-the-hood aspects of the security being provided, the factors used to authenticate a session are the most important components of 2FA. Given the variety, it is important to be discerning in choosing your law firm’s two-factor authentication solution. You must ensure your chosen solution will integrate with all your firm’s applications, provide the expected security and be user-friendly. Let’s examine a few of the options.


Email & SMS
One of the most common forms of two-factor authentication is the email or SMS two-factor authentication.jpgmessage. Many people have lost their passwords and requested to have them reset only to be told to enter a code received via text message or email. This is an example of two-factor authentication.


PROS: Almost everyone has an email address and/or SMS-enabled phone.
CONS: You may not use SMS or you do not have access to your email.


Applications
Some firms use mobile device applications as a second layer of password security. For many of Google’s services for instance, one must download the Google Authenticator app, generate a code and enter it at the workstation within a defined period to access certain information.


Similarly, we consider our partners at Duo to offer a best-in-breed enterprise-quality two-factor authentication solution. Duo allows one to simply press an “Approve” button on his or her device to verify identity.


Other solutions require users to enter their usernames and passwords at the workstation and then input a number generated by an app on their phones or tablets. Users have a limited time to enter the number before it expires and a new one must be generated and entered.


PROS: People always have their smartphones with them.
CONS: In the event the user should lose his or her phone, access could prove difficult. Transferring the number from the smartphone to the computer can be a hassle and prevent one from logging in if time runs out.


Security Tokens
Security tokens are physical devices made solely for the purpose of providing two-factor authentication. Some tokens display a number to input as a passcode when logging on at a workstation. Other tokens will connect to the workstation via Bluetooth. Dongles, which you insert into an access point, are also popular forms of 2FA.


PROS: The devices are often rugged and always ready to provide access.
CONS: If the devices are lost or forgotten or the power source dies, the ability to authenticate and gain access may be hampered.


Considerations
Two-factor authentication is no longer an expensive cybersecurity solution. With cloud-based two-factor authentication platforms, implementation and onboarding can be accomplished rapidly and easily. Best of all, the low cost now puts powerful two-factor authentication solutions within reach of all law firms.

 

Download your copy of this information sheet:

 

Common Two-Factor Authentication Solutions


If you would like to learn more about improving your firm’s cybersecurity with enterprise-quality two-factor authentication solutions, contact us at sales@innovativecomp.com.

 

Request a Free Consultation

 

Topics: Dual Factor Authentication, cybersecurity, Two Factor Authentication, 2FA, Duo, Information Security

Comment on this post

Recent Posts

Categories

  • cybersecurity (132)
  • IT Tips (90)
  • Technology Consulting (75)
  • Security (55)
  • Cybercrime (44)
  • 31 Days of Law Firm Data Security (34)
  • Training (33)
  • Cloud (31)
  • Malware (28)
  • Information Security (23)
  • Passwords (22)
  • Email Management (20)
  • Email Security (19)
  • Ransomware (18)
  • phishing (18)
  • Cloud Storage (17)
  • Hacking (17)
  • Alerts (16)
  • 2FA (15)
  • Two Factor Authentication (15)
  • Disaster Recovery (14)
  • Webinars (14)
  • iManage (14)
  • Articles (13)
  • Data Backups (12)
  • Microsoft (12)
  • Network (12)
  • ECM (11)
  • Managed Services (11)
  • DMS (9)
  • ILTA (9)
  • Information Governance (9)
  • Business Continuity (8)
  • CCPA (8)
  • End of Support (8)
  • Endpoint Protection (8)
  • Partner Series (8)
  • whaling (8)
  • Document Management (7)
  • End of Life (7)
  • Office 365 (7)
  • SentinelOne (7)
  • ALA (6)
  • COVID-19 (6)
  • Data Recovery (6)
  • DocsCorp (6)
  • Employment (6)
  • Infographic (6)
  • Partners (6)
  • Privacy (6)
  • Access Control (5)
  • Antivirus (5)
  • Cybersecurity Infographic (5)
  • Dual Factor Authentication (5)
  • Federal Trade Commission (5)
  • APTs (4)
  • Client Audits (4)
  • Consumer Privacy (4)
  • Enterprise Mobility Management (4)
  • FBI Internet Crime Complaint Center (4)
  • Innovative Cloud Solution (4)
  • Mimecast (4)
  • Mobile (4)
  • Publications (4)
  • Remote Access (4)
  • Windows 10 (4)
  • Word (4)
  • iManage Work (4)
  • Cloud Infographic (3)
  • Duo (3)
  • Events (3)
  • Microsoft SQL Server (3)
  • Our Team (3)
  • PII (3)
  • Penetration Testing (3)
  • Secret Service (3)
  • Survey (3)
  • US-CERT (3)
  • Virus (3)
  • Vulnerability Testing (3)
  • Windows 7 (3)
  • Yahoo (3)
  • cleanDocs (3)
  • videoconferencing (3)
  • ALA 2016 (2)
  • ALA 2017 (2)
  • AWS (2)
  • Advanced Persistent Threats (2)
  • Association of Legal Administrators (2)
  • Biometric Authentication (2)
  • Change Management (2)
  • EOL (2)
  • ESU (2)
  • Fortinet (2)
  • GLA ALA (2)
  • HackNotice (2)
  • Hashcat (2)
  • Hybrid Storage (2)
  • IC3 (2)
  • Identity Theft (2)
  • Microsoft SQL Server 2005 (2)
  • Microsoft SQL Server 2008 (2)
  • Microsoft SQL Server 2016 (2)
  • Mine (2)
  • Office 2016 (2)
  • On-Premises Storage (2)
  • Regulation (2)
  • SMB (2)
  • Server 2008 (2)
  • Staff (2)
  • Video (2)
  • Videos (2)
  • eBook (2)
  • firewall (2)
  • iManage RVAN (2)
  • ABA (1)
  • About Us (1)
  • Amazon Web Services (1)
  • Anniversary (1)
  • Austin ALA (1)
  • BYOD (1)
  • Blue Jeans (1)
  • Cindy Bates (1)
  • Citadel Information Group (1)
  • Citrix (1)
  • Cloud Communications (1)
  • Customer Service (1)
  • David Lam (1)
  • ELF (1)
  • EMM (1)
  • EMP for Windows Server (1)
  • Employment Law Forum (1)
  • Financing (1)
  • First American Equipment Finance (1)
  • GLA (1)
  • GPDR (1)
  • Golden Gate ALA (1)
  • HPE (1)
  • Hiring (1)
  • IBM (1)
  • Identity Management (1)
  • Imaging (1)
  • Innovative Computing Systems Family (1)
  • Internet Explorer (1)
  • Internet of Things (1)
  • IoT (1)
  • KnowBe4 (1)
  • LawToolBox (1)
  • Licensing (1)
  • Los Angeles (1)
  • MaaS360 (1)
  • Michael Kemps (1)
  • Microsoft Edge (1)
  • Microsoft SQL Server 2014 (1)
  • Mitel (1)
  • Outlook (1)
  • PDFs (1)
  • Phones (1)
  • Pokémon GO (1)
  • Printers (1)
  • Privacy.com (1)
  • RSA Conference (1)
  • Real Estate (1)
  • Recipient Checking (1)
  • Remote Work (1)
  • Servers (1)
  • Threat Map (1)
  • Unified Communications (1)
  • User Experience (1)
  • Virtualization (1)
  • Work Product Management (1)
  • Work from Home (1)
  • compareDocs (1)
  • macOS (1)
  • pdfDocs (1)
  • zoom (1)
see all

Subscribe to Innovative Insights

  • Cloud Solutions
    Cybersecurity
    Managed IT Services
    IT Consulting
    Enterprise Servers & Storage
    Enterprise Content Management
  • Telephony & Networking
    Desktop Management
    Desktop Deployment
    Audits & Strategy
    Virtualization
Practice Groups
Services
Partners
About Us
News & Events
Resources
Blog
Employment
Privacy Policy
ICSLogo_Footer
Copyright © 1989–2021. Innovative Computing Systems, Inc.