Better data security with two-factor authentication
The impact of a cyber attack can be devastating – ethically, financially and in terms of reputation. The good news is that forward-leaning healthcare organisations are applying learnings from banking and financial institutions. One of the easiest and most effective actions being taken is two-factor authentication for account logins. This investment in security is proving to be a powerful tool for data protection.
What is two-factor authentication?
We’re all familiar with using a password or PIN to identify ourselves and protect our information. Two-factor authentication (sometimes shortened to 2FA), simply means that there are two checkpoints for proving our identity.
This tactic is gaining momentum in areas where sensitive information is potentially vulnerable with a ‘weak’ password or simple 4-digit PIN. You’ve probably used it if you’ve logged into your email from a new device, made a payment with PayPal, or done any online banking in Australia.
There are three different characteristics that are often used as factors in the authentication process:
- Something you know
- Something you have
- Something you are
The most common second authentication steps are SMS codes, email links for verification, and security questions that only you would know the answer to. However, mobile authenticator apps, physical devices like tokens, fingerprint scans and voice recognition, are also popular, and arguably more secure.
How does two-factor authentication work?
While it’s not impregnable, an extra layer of protection significantly decreases the risk of unauthorised access and system breaches.
Firstly, having two-factor authentication at the login stage means more steps for hackers to undertake, making your data a much less attractive target.
Secondly, analyses of hacked passwords show that most people opt for passwords that are easy to remember – this also makes them easy to break. Many users also repeat passwords across multiple platforms, making them easy to steal. Statistically, requirements for alphanumeric passwords don’t really improve either of these situations. That’s why, when used in combination with a strong, single-use password, two-factor authentication greatly enhances security.
Getting started with an Authenticator app
Setting up an Authenticator app is easy, and can be used for multiple cloud software packages where this type of two-factor authentication is enabled. Simply use your mobile device to search for the Google Authenticator or Microsoft Authenticator app on Google Play or the Apple App Store and follow the steps to set up your free account.
In order to protect the data of patients and practices, MedicalDirector is introducing two-factor authentication for Helix. While it does require one extra step in a log-in process, it provides a much stronger defence for your account.