Many cyber insurance companies are starting to mandate organizations to use 2FA if they want to be covered. However, 2FA often relies on staff members using their personal devices. What if you have a staff member that doesn't own a cell phone? Doesn't feel comfortable using their device? Or is just plain against using their cellphone? Below we list 5 top solutions when your staff doesn't want to use their personal device for 2FA.
1. Security Key
YubiKey is easy to use across all devices, and it takes three steps to have your staff use 2FA efficiently. First, you register the yubikey by plugging it into a USB port on your computer. Then, you touch the key... yes, touch the key. Yubikey is a fingerprint biometric system that circumvents 2FA through a fingerprint. You then tap the key to the device that requires 2FA or leave it plugged in.
2. Hardware Tokens
When a staff member logs in, they can select to send a code to a small device. The small device, about the same size as a USB drive, has a button and a screen. After sending the code, you press the button, and the screen displays a unique pin. The pin is then entered onto their device screen to access an account.
Using a cell phone isn't always an option. An alternative is landlines. Staff can use their office telephone where they receive a call that gives them a passcode. They then enter the passcode into the prompt on their computer screen.
4. Touch ID
Depending on your device, your computers, tablets, or cellphones might have a Touch ID button. If they do, you can use your fingerprint as a form of 2FA.
Educating your organization's staff is essential for a smooth transition to 2FA. There are a lot of misconceptions when it comes to multi-factor authentication. The first is that staff will have to go through the process of 2FA every time they want to read an email. Your technical team can set how often 2FA is required throughout the day, which means a staff member can use 2FA once in the morning and remain logged in the rest of the day. Another is that 2FA is pointless. Schools and small organizations are soft spots for hackers. So, 2FA prevents hackers from accessing private information. However, depending on your organization's 2FA provider, not all solutions may work. Pine Cove Consulting is happy to help you work through your 2FA requirements.
What We Recommend
Pine Cove Consulting recommends using DUO for two-factor authentication. DUO lets you implement 2FA with any of the above solutions or with a personal device. DUO provides real-time data, letting you know of any suspicious activity and displaying all login activity on your custom dashboard. DUO is perfect for the education or corporate environment, however, If your organization's 2FA provider is mandated, we can still tailor the above solutions to you.
If you would like to learn more, reach out to us at firstname.lastname@example.org