Knowing who is on the network and accessing your information is crucial. An important way to help with that is the use of multi-factor authentication (also known as two-factor authentication, or 2FA).
2FA requires multiple credentials, making it much harder for an attacker to gain access to your accounts. With 2FA, a user needs the following:
- Something you know, such as a password, and/or
- Something you have, such as a token (Google Authenticator, Authy, Okta, RSA, etc.) or a verification code sent to your phone, or
- Something you are, such as your fingerprint or face (biometrics)
The actions needed to implement 2FA differ depending on your environment, so you will need to take the action appropriate to yours.
If your organization has a centralized work environment (servers are located at a central office), then the IT department will most likely use RSA, Symantec VIP or some sort of corporate 2FA mechanism.
If your organization is more decentralized and uses the cloud for many services, you and your IT department will enable 2FA on those services and have users download an authenticator tool such as Google Authenticator or Authy (additional tools can be found in the GCA Cybersecurity Toolkit). The actions below are just a few examples of how to implement 2FA.