Is EDR (Endpoint Detection and Response) better than Anti-Virus Software?

Traditional anti-virus programs are often enough to protect a small business’s endpoints. However, EDR takes it to a whole new level by responding to the current threat landscape effectively.

At a distance, both anti-virus software and EDR can appear almost indistinguishable. However, upon closer examination, the two security protocols prove to be substantially different.  

Understanding these differences is key to achieving robust enterprise security. 

  1. What’s anti-virus Software? 

According to leading cybersecurity provider Norton, anti-virus software is more like a decentralised security system that helps protect your computer from cyberattacks (including malware and spyware attacks).  

In this scenario, anti-virus software monitors the data traveling through the network to your devices. This information is then compared to known threats while examining the behaviour of all programs on the system.  

Whenever suspicious behaviour is identified, the anti-virus program will attempt to block or remove the infection.  

Anti-virus programs do the following to protect against different types of security threats: 

  • Confirm the safety and security of your device 
  • Delete malicious codes and software 
  • Pinpoint particular files for the detection of malicious code 
  • Scan either a single file or your entire computer at your discretion 
  • Schedule automatic scans 

With ever-evolving cyberthreats, anti-virus is vital to protecting enterprise devices. However, having anti-virus software alone isn’t enough. Instead, anti-virus software should be a component of your overall cyber defence strategy. 

  2. What’s EDR?

According to the global security software provider McAfee, EDR (also known as ETDR or endpoint threat detection and response) is a unified security solution. It combines a collection of endpoint data with a rules-based automated response, continuous real-time monitoring, and analysis capabilities.

EDR solutions and tools are designed to detect and investigate suspicious activities across all endpoints in your enterprise infrastructure. Compared to traditional anti-virus software, EDR helps better secure enterprise networks. 

EDR tools do the following to protect against different types of security threats: 

  • Analyse data to identify threat patterns 
  • Automatically respond to recognised threats by removing or containing them  
  • Forensics and analysis tools to research known risks and compare them with internal activity to search for suspicious behaviour 
  • Monitor and collect activity data in real-time from endpoints to pinpoint potential threats 

  3. Anti-virus vs. EDR

In general, EDR tools don’t replace traditional anti-virus software and firewalls. Instead, they work together to help companies enhance their security protocols and fortify their IT infrastructure. 

However, as threat actors relentlessly try to find innovative ways to breach enterprise systems, EDR is better placed to secure networks. For example, the different analytical tools offered by EDR solutions provide advanced monitoring and reporting capabilities not found in traditional anti-virus programs.  
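The contrast drawn above, as an added Python example that is not from the original article or from any vendor's product: a signature check compares file hashes to a known-bad list, while a behaviour rule correlates process and network activity and chooses a response. The events, hash labels, rule name and response actions are all constructed for illustration.

```python
# Constructed endpoint telemetry (not real indicators): process starts and network connections.
EVENTS = [
    {"ts": 100, "host": "pc-07", "type": "process", "pid": 410, "ppid": 1,
     "image": "outlook.exe", "sha256": "hash-outlook"},
    {"ts": 130, "host": "pc-07", "type": "process", "pid": 522, "ppid": 410,
     "image": "winword.exe", "sha256": "hash-winword"},
    {"ts": 134, "host": "pc-07", "type": "process", "pid": 600, "ppid": 522,
     "image": "powershell.exe", "sha256": "hash-powershell"},
    {"ts": 140, "host": "pc-07", "type": "network", "pid": 600,
     "dest": "203.0.113.10:443"},  # documentation address range
    {"ts": 150, "host": "pc-12", "type": "process", "pid": 300, "ppid": 1,
     "image": "setup.exe", "sha256": "hash-known-bad"},
    {"ts": 160, "host": "pc-03", "type": "process", "pid": 700, "ppid": 1,
     "image": "powershell.exe", "sha256": "hash-powershell"},
]
KNOWN_BAD = {"hash-known-bad"}  # constructed signature list
OFFICE_APPS = {"winword.exe", "excel.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "wscript.exe", "cscript.exe", "cmd.exe"}


def signature_scan(events, known_bad):
    """Anti-virus style check: flag a process only if its file hash is already known."""
    return [(e["host"], e["pid"]) for e in events
            if e["type"] == "process" and e["sha256"] in known_bad]


def behaviour_scan(events, window=60):
    """EDR style rule: an office application starting a script host is suspicious;
    a network connection from that child within `window` seconds escalates it."""
    procs = {}   # (host, pid) -> process-start event
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["host"], ev["pid"])
        if ev["type"] == "process":
            procs[key] = ev
            parent = procs.get((ev["host"], ev["ppid"]))
            if parent and parent["image"] in OFFICE_APPS and ev["image"] in SCRIPT_HOSTS:
                alerts.append({"host": ev["host"], "pid": ev["pid"],
                               "rule": "office-spawns-script-host",
                               "parent": parent["image"],
                               "severity": "medium", "action": "kill-process"})
        elif ev["type"] == "network":
            for alert in alerts:
                if (alert["host"], alert["pid"]) != key:
                    continue
                if ev["ts"] - procs[key]["ts"] <= window:
                    alert.update(severity="high", action="isolate-host", dest=ev["dest"])
    return alerts


if __name__ == "__main__":
    print("signature hits:", signature_scan(EVENTS, KNOWN_BAD))
    for alert in behaviour_scan(EVENTS):
        print("behaviour alert:", alert)
```

The signature check only sees pc-12, because the script host on pc-07 is a legitimate binary with a clean hash; the behaviour rule is what surfaces pc-07, and it leaves the administrator-launched script host on pc-03 alone.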

Traditional anti-virus solutions are simplistic in nature and limited in scope when compared to EDR. When organisations build a robust EDR system, they can make anti-virus software a part of their overall threat detection protocols. 

Modern EDR systems incorporate anti-virus, firewalls, monitoring tools, whitelisting tools, and more. It’s essentially a comprehensive approach that runs on a client-server model to better secure your digital perimeter.

Some key differences that help EDR stand out are as follows: 

  • Its ability to identify endpoint threats quickly 
  • Real-time response when threats are identified 
  • Robust data loss prevention protocols 
  • Protects large-scale enterprise architecture efficiently
  • Provides more holistic protection of enterprise networks  
  • Sandboxing 

Today, managed IT services providers also offer EDR solutions powered by artificial intelligence that stop attacks before they cause any real harm. This approach helps derail advanced threats at the most vulnerable endpoint.

Anti-virus software, on the other hand, allows attacks to take place and then responds to them. This makes EDR solutions and tools the best option for business.

From now on, companies can’t afford to make security an afterthought. Furthermore, your familiarity with anti-virus software shouldn’t trump the capabilities of EDR.  

To learn more about endpoint detection and response, and how it can help your business maintain robust security and compliance, schedule a commitment-free consultation.

How Long Should You Keep a Computer?

When enterprise devices start to slow down, we fear that the end is near. While the knee jerk reaction is often to replace the whole fleet quickly, there’s a lot to consider before placing an order for new machines.

Questions like “how long do computers last?” or “how long should I keep my laptop?” are common in technology forums. But the answer to these questions is relative. It all depends on the hardware components, the software, the environment, and more.

But first, it’s important to make a distinction between consumer-grade computers and enterprise-grade computers. This is because consumer-grade computer brands compete fiercely for the attention of price-conscious customers.

They are often built with cheaper components at the lower end of the spectrum (to keep costs down) and aren’t designed to last long. For example, consumer-grade laptops aren’t meant to last more than a year or two (at most). On the other hand, enterprise-grade computers are built with cutting-edge parts and complemented by the enterprise version of the operating system and Office 365.

What Are the Signs That You’re Due for a Technology Refresh?

Slow Downs

As mentioned above, when your computer slows down, it’s one of the telltale signs that you need an upgrade. However, it’s important to make sure that a virus or Windows 10 didn’t cause it.

Update Issues

Another common indicator that it may be time to replace your computer is update issues. If you’re running into problems with every software update, it means your hardware can no longer support the application.

Multitasking Challenges

Computers are built to run multiple applications simultaneously. So whenever you run into compatibility issues, it often means that your motherboard needs replacing. In other words, whenever you experience hardware issues like this, it’s safe to say that it’s time to buy.

What Are the Dangers of Waiting Too Long to Replace Your Computer?

Waiting too long to replace your company computers will have a significant impact on your bottom line. Under-performing computers often lead to the following:

Significant Downtime

Legacy hardware and systems break down more and result in device downtime. For example, if you’re a small business and your accountant’s computer is out for repairs, it’ll delay the deployment of customer invoices.

For large corporations, even a small amount of downtime impacts interconnected activities. This often costs multinationals hundreds of dollars per minute.

Lost Productivity

When company computers slow down, it has a direct impact on employee productivity. Low productivity can cost your business more than the cost of a new computer.

In this scenario, if computers slow down and cost your business (let’s say) an hour a day in lost productivity, that equals about 20 hours every month (or 240 hours a year in lost productivity).

Increases the Risk of Data Breach

When legacy computers have issues with compatibility and security updates, the risk of a data breach grows exponentially. Whenever this happens, your entire network becomes vulnerable to a cyber-attack.

As ransomware attacks and data breaches can cripple small businesses with fines for compliance violations (and loss of brand value), it’s vital to consider an upgrade to ensure business continuity.

Lose a Competitive Advantage

If your business desktops and laptops can’t support the latest tools and technologies, you risk losing a competitive advantage in the marketplace. So it’s essential to take a step back and look at the bigger picture and strive to get the maximum return on investment.

So How Long Should You Keep Enterprise Computers?

If you get your computers through a managed services provider, you’ll already have a deal in place to replace your machines every few years. Most often, these technology refresh cycles last five years for business desktops and three years for company laptops.

Managed services providers come up with these time frames from experience. If you reach out to your network on LinkedIn, you’ll notice that other companies also work with a similar time frame.

This approach also provides organisations with discounted operating systems and Office 365 that come preinstalled. You can even bundle these managed services packages with IT support, helpdesk services, and network support.

If you need help replacing legacy office computers, we can help! Reach out to one of our in-house experts, and we’ll be happy to walk you through the entire process.

IT Security, What Is It Really?

In the current threat landscape, data breaches are rapidly becoming the new norm. This makes robust IT security critical to secure company and customer data.

According to the Office of the Australian Information Commissioner (OAIC), malicious cyber attacks remained the leading cause of data breaches, accounting for 61% of all data breach notifications in the first half of 2020.

Furthermore, human error accounted for as much as 34% of all data breaches in the country. This suggests that enterprise security’s far more complicated than just obtaining sensitive data or protecting it.

Today, managed IT services providers help small and medium-sized enterprises and corporations access top security talent and technologies to fortify their IT infrastructure, cost-effectively. This approach allows IT support teams to leverage various cybersecurity protocols to protect sensitive, personally identifiable information and maintain business relevance.

IT Security Defined

IT security incorporates a set of cybersecurity strategies to prevent unauthorised access to enterprise assets such as servers, networks, and data. It helps ensure data privacy and compliance by maintaining the integrity and confidentiality of sensitive information (by blocking the access of sophisticated hackers).

It’s essential as bad actors are relentlessly attacking enterprise networks. So with the help of managed IT services, security teams must strive to mitigate multiple cyber threats like the following:

  • Denial-of-service attacks
  • DNS tunnelling
  • Malware attacks
  • Man-in-the-middle
  • Phishing campaigns
  • Ransomware attacks
  • SQL injection
  • Zero-day exploits

Different Types of IT Security

There isn’t a fool-proof turnkey security solution that can alleviate multiple threats to enterprise networks in this rapidly evolving threat landscape. To mitigate risk, companies must evolve with the threat and implement a multi-pronged approach to secure their technology infrastructure.

This process starts with the individual evaluation of different cybersecurity layers:

Application Security

Application security focuses on security at a development level. This approach demands adequate security protocols coded into applications to eliminate any potential vulnerabilities.

For example, a zero-day attack is initiated when hackers hunt for vulnerabilities to exploit and find one. So applications are now thoroughly evaluated during the development cycle to identify and fix any of the app’s potential weaknesses.

Today, organisations take it a step further by engaging in manual penetration tests, black-box analysis, white-box analysis, and more to identify potential flaws missed by internal security teams.

Cloud Security

Cloud security protocols help secure enterprise applications and users on the cloud. Whether it’s a public, private, or hybrid cloud, companies must deploy a variety of technologies to better secure their environment.

Some cloud security tools deployed by companies include:

  • Cloud-Access Security Broker (CASB)
  • Cloud-Based Unified Threat Management (UTM)
  • Secure Internet Gateway (SIG)

While the technologies above help protect the cloud, businesses must also implement robust encryption protocols to protect data in motion and at rest.

Endpoint Security

Of all the different IT security protocols, endpoint security is probably the most challenging threat to mitigate. This is because end-users often don’t follow the same security best practices and jeopardise the entire network (often through human error).

With endpoint security, IT security teams must strive to secure every entry point to the network, whether it be computers, mobile phones, or the Internet of Things (IoT). This is not straightforward and often demands extensive third-party IT support to fill the talent gap.

To achieve robust endpoint security, security leaders must also demand regular security training workshops and technologies like sophisticated anti-malware software, encryption tools, and Virtual Private Networks (VPNs).

Network Security

Network security is leveraged to block malicious users from breaching the network while ensuring enhanced usability, reliability, and uncompromising integrity. It’s the most common form of IT security deployed to deny unauthorised access to data generated within the network.

This approach helps ensure enhanced user experiences while maintaining robust security. In this scenario, security teams use endpoint security protocols along with antivirus software, firewalls, and Intrusion Detection and Prevention Systems (IDS/IPS) to strengthen their security posture.

As technology continues to grow more advanced and scale, maintaining robust IT security has become a game of cat and mouse. As hackers discover ever more ingenious ways to exploit vulnerabilities, security teams must adapt to the changes and strive to stay a step ahead of threat actors.

To learn more about how our IT support services can help boost enterprise security, reach out to one of our in-house security experts.

Why you should have Business IT Support

Businesses across industries are increasingly digitally transforming their infrastructure to boost productivity, improve internal processes, enhance customer experiences, and more. However, to ensure smooth and continuous operations, organisations must have robust business IT support.

According to IDC, digital transformation initiatives will help expand the functionality and effectiveness of Australian businesses by 25%, leading to an acceleration of productivity and innovation.

However, the ongoing tech skills shortage threatens to derail such initiatives. The good news is that there’s a cost-effective solution to this problem, namely, managed IT services.

Why are IT support services necessary? Let’s take a look.

You Can Focus on What’s Important, Your Business

When you partner with a managed services provider, you’ll be free to concentrate on growing your business while they handle business IT support, network support, system administration, and more. This approach reduces the risk of any potential downtime and ensures the delivery of enhanced customer experiences.

Seamless and continued access to Helpdesk services also helps keep staff happy and productive. For example, they can focus on important business goals instead of wasting their time trying to solve technology problems.

Corporate IT departments can invest their time in improving products and services (and building new innovative applications). This approach lowers the burden on IT staff and refocuses their attention on business objectives and the customer.

Immediate Access to Top Tech Talent

As technology evolves and becomes more complex, access to experience is critical to ensure security and business continuity. Managed support services allow small and medium-sized enterprises access to top tech talent they can’t (otherwise) afford to hire.

When you sign up for fixed-price IT support, you can get the help you need without any extra or hidden costs. In this scenario, managed IT services supply highly trained technology professionals with hands-on experience working with the latest technologies (to solve even the most complicated problems).

Rapid Implementation Across Departments

The lack of resources often threatens to derail projects. For example, if your in-house IT team implements new applications and systems, you might have to wait for weeks (or even months) before they come to help you with your project.

If you outsource this function, your IT team can focus on more important projects instead of implementation tasks. With the help of a managed services provider, projects are started and implemented without playing the waiting game.

Enhance Overall Security Protocols

All companies, regardless of the business model, generate massive volumes of data. As a result, it’s crucial to support business goals with reliable backup systems, following cybersecurity best practices.

Managed support services help companies keep sensitive employee, customer, and company data secure. This approach also allows businesses to establish disaster and recovery protocols to retrieve lost files and ensure business continuity.

Maximise Operational Efficiency

Technology certainly improves operational efficiency, but misconfigurations and errors can quickly impact your bottom line. With a dedicated business IT support team, you can leverage all the benefits technology has to offer.

When experienced professionals support businesses, they are well-placed to identify new opportunities and scale. So outsourcing tech-support promises to deliver the highest return on investment over time.

This is because you don’t have to worry about costly repairs, expensive new hires, or making poor technology investments. In other words, it’s a specialist support solution at a fixed price (with no hidden costs).

Significant Cost Savings

The primary benefit of managed IT services is cost savings. You don’t have to hire any IT professionals, spend months trying to recruit them, or worry about attrition costs. Instead, you get access to top tech talent without the hefty salaries that go along with it.

If you’re running a business today, you depend on technology. If you don’t have robust IT support, then you’re putting your company and its business processes at risk. However, you can avoid this by partnering with an established managed services provider.

To learn more about business IT support, reach out to one of our in-house experts.

Incremental Backups vs. Differential Backups: What’s the Best Approach for Your Business?

Data loss can happen at any given moment. A cyber-attack or a system failure can corrupt enterprise data and render it useless or, even worse, lead to permanent deletion.

To counter the threat of data loss events, companies require a robust backup strategy to ensure business continuity. While most businesses today routinely back up their data, the effectiveness of this approach lies in the strategy.

There are different backup strategies, but what’s best for your organisation is relative to your business, resources, and industry vertical. When it comes to data backup strategies, most IT support teams recommend a combination of full, incremental, or differential backups.

For this post, we’ll focus on incremental backups and differential backups. Both approaches help save time and disk space by only backing up files that are changed or updated. However, the way they do this is significantly different. 

What’s a Full Backup?

As the name suggests, a full backup involves copying and saving the entire data set of a system. This is usually saved in a separate partition or an external system. As it backs up the whole specified data volume, this approach is time and resource-intensive.

As a result, most businesses schedule full backups weekly, biweekly, or monthly while running incremental or differential backups in between. The frequency of this activity depends on the size of the organisation.

What’s an Incremental Backup?

As mentioned above, the first step in an incremental backup strategy is a full backup. After a full backup, incremental backups back up any data changed since the last backup.

For example, if you did an incremental backup on Friday, the system will back up all the data changed since the last backup on Thursday. As a result, the backed up data is much smaller, leading to a faster backup. The primary benefit here is shorter time intervals between backups.

Key Advantages of Incremental Backups:

  • Backs up data faster (than full backups)
  • Takes up less storage space (than full backups)
  • Uses less bandwidth

Key Disadvantages of Incremental Backups:

  • Recovery is time-intensive
  • If there’s damage to any part of the backup chain, there’s a significant risk of failed recovery

What’s a Differential Backup?

Similarly, differential backups back up single files or folders that are modified daily. This means that differential backups only save the files and folders that have changed since the last full backup.

Like incremental backups, the process starts with a full backup. Then subsequent backups are deployed to include changes made to the files and folders in the system. This approach allows IT support teams to restore data faster as it only has to restore the backed up components.

Key Advantages of Differential Backups:

  • Backs up data faster
  • Takes up less storage space
  • Rapid restore (as there are only two backup data sets – files and folders)

Key Disadvantages of Differential Backups:

  • Takes up more space (when compared to incremental backups)
  • Much slower backup time than incremental backups

Incremental Backups vs. Differential Backups

|  | Incremental Backups | Differential Backups |
| --- | --- | --- |
| Backup speed | Fastest | Fast |
| Duplication | Doesn’t store duplicated files | Stores duplicate files |
| Storage space | Low | Medium to high |
| Restoration speed | Slow | Fast |
| Media needed for recovery | The most recent full backup and all incremental backups | The most recent full backup and all differential backups |
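To make the trade-off between the two schedules concrete, here is an added Python example (not from the original post) that builds both schedules over the same constructed week of file changes, counts the file copies each one stores, and shows which backup sets a Friday restore has to read. The file names, days and helper names are all hypothetical.

```python
from dataclasses import dataclass

# Constructed sample data: the file-system state at the end of each day.
SNAPSHOTS = [
    ("Mon", {"invoices.xlsx": "v1", "clients.db": "v1", "logo.png": "v1"}),
    ("Tue", {"invoices.xlsx": "v2", "clients.db": "v1", "logo.png": "v1"}),
    ("Wed", {"invoices.xlsx": "v2", "clients.db": "v2", "logo.png": "v1"}),
    ("Thu", {"invoices.xlsx": "v2", "clients.db": "v2", "logo.png": "v1",
             "payroll.csv": "v1"}),
    ("Fri", {"invoices.xlsx": "v3", "clients.db": "v2", "logo.png": "v1",
             "payroll.csv": "v1"}),
]


@dataclass
class BackupSet:
    day: str
    kind: str            # "full", "incremental" or "differential"
    files: dict          # path -> content copied into this set
    deleted: frozenset   # paths removed since the baseline


def diff(baseline, current):
    """Files that are new or changed, and paths that disappeared, versus a baseline."""
    changed = {p: c for p, c in current.items() if baseline.get(p) != c}
    return changed, frozenset(set(baseline) - set(current))


def run_schedule(snapshots, kind):
    """Full backup on the first day, then one backup of `kind` on each later day."""
    first_day, full_state = snapshots[0]
    sets = [BackupSet(first_day, "full", dict(full_state), frozenset())]
    previous_state = full_state
    for day, state in snapshots[1:]:
        # Incremental compares with the previous backup, differential with the last full.
        baseline = previous_state if kind == "incremental" else full_state
        changed, deleted = diff(baseline, state)
        sets.append(BackupSet(day, kind, changed, deleted))
        previous_state = state
    return sets


def restore_chain(sets, target_day):
    """Backup sets that must be readable to rebuild the state of `target_day`."""
    upto = sets[: [s.day for s in sets].index(target_day) + 1]
    if upto[-1].kind == "differential":
        return [upto[0], upto[-1]]   # the full backup plus that day's differential
    return upto                      # the full backup plus every incremental since


def restore(sets, target_day, damaged=()):
    """Replay the chain in order; one unreadable set in the chain fails the restore."""
    state = {}
    for s in restore_chain(sets, target_day):
        if s.day in damaged:
            raise RuntimeError(f"{s.kind} set from {s.day} is unreadable")
        state.update(s.files)
        for path in s.deleted:
            state.pop(path, None)
    return state


def copies_stored(sets):
    """Number of file copies held across all sets (a stand-in for storage used)."""
    return sum(len(s.files) for s in sets)


if __name__ == "__main__":
    for kind in ("incremental", "differential"):
        sets = run_schedule(SNAPSHOTS, kind)
        chain = [s.day for s in restore_chain(sets, "Fri")]
        print(kind, "copies stored:", copies_stored(sets), "Friday restore reads:", chain)
```

Passing `damaged={"Wed"}` to `restore` shows the chain risk listed under the incremental disadvantages: the incremental Friday restore fails, while the differential one does not read Wednesday's set at all.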

What’s the best data backup strategy for your business?

The best data backup and recovery approach for your company depends on the amount of data that needs to be backed up. For example, if it’s a large corporation, IT support teams will leverage a backup strategy that combines both full and incremental backups.

For small and medium-sized businesses, a full and differential backup approach will suffice (if data volumes are relatively low).

Do you need help developing a robust data backup strategy? We can help! Reach out to one of our in-house experts.

Supercharge your PCs with the latest NVMe SSD Hard drives

If you’re tired of waiting for Outlook to load your emails or having to wait minutes between opening Excel spreadsheets, you may want to consider upgrading your computer storage. In today’s small business environments, simultaneous computing is a very common and often-needed ability, yet many PCs are struggling to keep up due to the read / write requirements of modern applications. This is where upgrading your storage can benefit you and increase your productivity.

The most common and slowest type of hard drive is the Hard Disk Drive (HDD). It stores data on a physical disk (think vinyl record style disk) inside the chassis using a magnetic charge. It comes in a few different speed options, although none of them come close to the next type of drive. The main advantage of an HDD is that it is cost effective for a large amount of storage, meaning that it is rather low cost for a significant amount of data storage compared to the other storage options. If you need to store a large amount of data and do not care about how fast you access it, HDD is the choice.

Next is the Solid State Drive (SSD). It uses the same magnetic charge style storage as an HDD but without the moving disk inside the chassis, hence the name Solid State. In terms of speed, SSDs are around 5x faster than HDDs but cost more for the same amount of storage, around 1.5 times more from our experience. This price difference is rather low for the smaller disk sizes used in laptops / workstations, but when used in servers / infrastructure the price difference is quite notable. Our recommendation is to use SSDs on devices with smaller storage requirements that need good read / write speeds (i.e. laptops, desktops and workstations), as the difference between an HDD and an SSD is very noticeable.

Lastly, we come to the highest performance option, the Non-Volatile Memory Express Drive (NVMe Drive). The main difference between NVMe drives and their counterparts is the way they access the data: instead of using an IDE or SATA connector, an NVMe drive is plugged directly into the PCI Express slot for faster read / write speeds (if you don’t understand the difference between the connectors, just note that the PCI connector has the word ‘Express’ in the name). In terms of speed, NVMe drives offer 4 times the speed of SSDs, which is incredibly fast considering the SSD is already 5 times faster than the HDD. The drawbacks are that the system needs to have PCIe slots (which are quite common) and the price. NVMe drives are around 1.2 times the price of an SSD equivalent. This can get quite costly for use in servers / infrastructure, but for regular user computers / laptops this price is quite manageable considering the speeds it provides. If you need the performance and don’t necessarily care about the costs, NVMe drives are the call.

In conclusion, NVMe drives are the fastest and most expensive, followed by SSDs, which offer a nice middle ground in terms of speed / price, and lastly there are HDDs, which should only really be used for storage of files and other systems that aren’t actively used (think backups). NVMe drives are 4x faster than SSDs and 20x faster than HDDs whilst being nearly 1.2x the price of SSD equivalents and nearly 2x the price of HDD storage equivalents. The storage solution you use will be dependent on your speed requirements and cost dependencies. If you are willing to spend a bit extra, you can get significantly faster speeds, which can reduce load times and increase productivity. You should consider upgrading if your hard drive is struggling to keep up with your application usage.

Let’s talk about backups

Backups are an essential practice for any organisation aiming for high-availability and redundancy. Nowadays the importance of backups is generally understood but a lot of people tend to overlook how their backups are stored. It’s important to look beyond the scope of your system when analysing critical functions as external factors can be just as impactful as internal events.

So in this blog article, we will be analysing some of the common methods organisations use to back up their data and evaluating how effective their storage solutions are in the event of a crisis.

This is a thought piece and something to get you thinking about your backups and hopefully landing you in a place where you are at least doing a better job than average of managing your backups.

A very high-level look at some of the common types of backup systems:

Backups are something many small businesses fail to understand and manage.

Method 1: Local Backups to Same Disk (LBSD)

The first method we will be discussing is Local Backups to Same Disk (LBSD). What this means is that the backup information is stored on the same disk as the backup source. This is a rather poor method of protecting your data as it is physically stored on the same disk which puts both the backup source and destination at risk in scenarios of disk failure / data corruption.

Allow me to explain the LBSD ideology with an example being a house with a spare key stored inside the house. In the scenario that you were locked out of that house; the spare key would be useless as it is being physically kept inside the resource that you cannot access. Overall, we don’t recommend any organisation use LBSD backups as their only backup source as they’re not impactful enough in the event of a crisis and often provide a false sense of security.

Method 2: Local Backups to an External Device (LBED)

The next method is Local Backups to an External Device (LBED); this involves backing up your information to an external device that is kept in the same physical location as the source of the backup. Following our trusty house example, this would be the same as storing the spare key outside the house but still close enough if needed in a locked-out scenario (under a doormat or potted plant outside). This is a lot better than LBSD, as it replaces one unified weakness with two independent devices, both of which would have to fail or become corrupted before any data loss occurs.

This means that LBED has twice the redundancy of LBSD for minimal extra effort. However, there are still risks to this method as both disks are physically stored together, meaning that any crisis that affects the entire physical location would still affect both drives. This possibility can be mitigated by having multiple external drives that are rotated between the location and an external safe location.

Method 3: Remote Backups over the Internet (RBOTI)

The last method we will be discussing is Remote Backups over the Internet (RBOTI). Remote backups are done by running a backup much like LBSD / LBED and uploading the result to a trusted destination across the internet. This removes the risk of any data loss incurred by damage to the hardware or software. In the house / key scenario, this would be the equivalent of giving the spare key to a trusted neighbour who can give the key back to you if required.

This backup method comes with its own set of risks and challenges, though. For instance, the channel that you use to back up the data, or the data itself, should be encrypted, or else you would simply be sending a copy of all your data to every malicious user along its path. It is also important that the recipient is trusted to protect your data and takes measures to prevent malicious access to it, because having a backup is just as valuable as having the original copy for a hacker. Another downside to this method of backup is that the restoration time post-crisis is significantly longer with current infrastructure, as the restoration data would need to travel back over the internet to be used locally. All in all, we don’t recommend this as an independent backup solution because of its limitations post-crisis.

But what about good old manual offsite backups?

So one thing that we decided to NOT include in our main discussion points is the good old manual offsite backups. This means physically taking data offsite and storing it somewhere safe. This is of course what many people have been doing for years and many still do, but these days it should be the last option you choose after you encounter blockers for the other options. In today’s world, most people are time-poor, and therefore, people are an unreliable part of your backup system, so their failings should be avoided and strictly managed as a result.

What should I be doing?

Well, the answer these days, is usually using a combination of method two and three. By Utilising LBED with a disk rotation as well as RBOTI you are ensuring your data is protected from many common crises that can and will affect your business. It ensures that in the scenario that a simple restoration is required your business is not out of operation for a large amount of time as well as giving you some form of business continuity if for example; your primary business location burns to the ground, or more likely, gets robbed with valuable computers and servers being taken. It also gives you added redundancy in the scenario that the backups themselves have data loss as you will have two possible restoration points.

There are many other discussion points that we could have veered down in this brain dump, but we hope this at least gets the risk management juices flowing. On a closing note, if you are in a position where you are managing a business’s data, whether in your own business or as a manager in another’s, do yourself a favor and call AUIT and book in for a free consultation with one of our Business Risk Managers. We have some very affordable ways to help you reduce your I.T business risks, as well as increase productivity and meet security standards.

At AUIT we love having a chat with business owners and hearing about your experiences, so please feel free to comment on this article, or give us a call or an email anytime. All of our quotes and recommendations are 100% obligation free, so please do reach out to us at any time.

2 Factor Authentication

Keeping on the same train of thought as our last blog post about PASSWORD POLICIES, today we will be talking about two-factor authentication (2F / 2Factor): what it is and why it’s important.

In short, two-factor authentication is the use of a secondary external method of authentication as an added layer of security when accessing sensitive information. Throughout the past decade, the usage of and reliance on 2FA have increased dramatically as cyber-attacks become more complex and harder to protect against. Two-factor authentication is an easy and effective way to essentially double the protection against attackers.

But what exactly is two-factor authentication and how does it work?

Two-factor authentication is when a piece of software or a service requires two separate forms of authentication before allowing access to a piece of sensitive information. These can be anything, as long as both methods are secure and neither is able to manipulate or control the other.

For example, when accessing your Office 365 account it would require your password (stored in your Memory / Computer) as well as an authentication code from an app on your phone (stored on Phone).

This means that if an attacker wants to access your account they would require both your phone and access to your password. There are lots of different versions of this concept, but they all revolve around the same principle of two isolated forms of authentication. The isolation is important because if one of the authentication methods can control the other, then it is the same as having a single authentication method. Consider the above example:

If the mobile phone also had the user’s Office 365 password stored on it, then the entire system becomes insecure. If that mobile phone is stolen, the attacker now has access to both the password and the secondary authentication method. This is why it is so important to keep your two-factor authentication methods separate.

But why does it matter?

Well, over the past decade or so technology has advanced at an incredible rate. What was once secure is now considered ‘child’s play’ to compromise in the modern age of technology.

Take the example of an 8-character password matching Microsoft’s password requirements:


By today’s standards, it would take 36.99 minutes to crack without password retry timeout policies.
That isn’t very long for a dedicated attacker – but with two-factor authentication, it wouldn’t matter because they don’t have access to the secondary form of authentication.

When should you be using two-factor authentication?

The short answer is anywhere that contains data you want to protect. The negative of two-factor is that it increases the time taken to log in to secured services/areas, so if it’s a service that contains information that you are willing to lose you could choose to not use two-factor. However, given the effectiveness of two-factor’s ability to protect your information, I’d say the benefits outweigh the negatives and you should use it wherever possible.

In summary, two-factor is the use of two separate authentication methods to protect access to data in a secure service/software. It effectively doubles the security of the service being protected by adding an external layer that would need to be compromised if an attacker wanted to steal your data. Lastly, you should use two-factor authentication wherever you can on anything that stores information you want to protect.