Hackers are getting smarter and more strategic in their plans to intercept information that can be used for fraudulent purposes. It has become increasingly difficult to prevent online information from being compromised.
As business owners or HR professionals who frequently work with sensitive employee data, it is especially important that you are aware of the risks associated with not protecting employee information. Breaches can occur at any time, and HR departments carry the most sensitive and confidential information.
Logins, usernames and passwords, security questions, etc. are all familiar ways of ensuring we keep our personal information safe. There is another option for increased security that isn’t quite new but is less commonly known and used. Have you heard of Two-Factor Authentication?
What is Two Factor Authentication?
Two Factor Authentication, also known as 2FA, is a 2-step identity verification process that adds an extra layer of protection when logging into your digital accounts.
How does it work?
In addition to your username and password, you are given the ability to set a second factor that any unauthorized entity trying to login to your accounts might not be able to decode.
Authentication factors may include the following:
- Something you have: a USB stick with a secret token, a bank card, a key, etc.
- Something you have access to: text messages with codes or pins sent directly to your mobile device, emails with links/codes sent directly to your personal email, or apps you can download to your smart phone that have QR codes or push notifications you can either approve or deny.
- Something you are: a fingerprint, voice recognition, facial recognition, etc.
Why is it important?
By using multiple factors to authenticate who you are, it makes it more difficult for an individual or group of hackers to login to your accounts and steal private information.
At Payroll Systems, we plan to implement 2FA for our applications later this year. Details and dates will be provided in the near future.
Advice for Employers:
- Always encourage employees to create strong passwords for all online accounts
- These passwords should have 8 characters minimum, include a mix of numbers, symbols, capital and lower-case letters
- Make sure employees do NOT share passwords for personal accounts that may include SSNs, wage information, addresses, health plans, or any private information
- It is also best practice to change passwords at regular intervals, such as every 54 days as we recommend