- Posted by Ally Roos
- On 13/01/2020
Passwords have long been a staple in cybersecurity. Everyone knows that a strong password is vital to safeguard mobile devices and sensitive information. Passwords must be unique 12-character sequences with a good mix of letters, numbers, and symbols. However, even the longest and most complex passwords can be a system’s weak link.
Cybercriminals are constantly developing sophisticated and covert methods to get around passwords. They use brute force programs designed to guess password combinations and trick people into giving them away through online scams. In fact, a 2019 study found that 79% of cyber incidents in Australia were caused by compromised credentials.
If you’re in the field service industry, relying solely on passwords to secure your mobile devices isn’t enough. You need multi-factor authentication (MFA) to protect your most sensitive assets, and here are several reasons why.
Adds another layer of security
MFA is a method of verifying the user’s identity with more than just a password. Field staff must provide two out of three authentication factors to gain access to their mobile devices. These authentication factors include:
Information that is known only to the user such as passwords, answers to security questions, or PIN codes
Something the user owns like a hardware token that generates temporary passcodes or a smartphone that receives authentication codes via SMS
A biological trait that’s unique to the user like a fingerprint, voice, or facial profile
The principle behind MFA is that each authentication factor makes up for the shortcomings of another factor. Passwords, which are susceptible to brute force and online scams, can be supplemented by hardware tokens or fingerprint scans. Unless hackers have access to all the necessary authentication factors, they won’t be able to breach your company’s mobile devices.
Prevents identity theft
When passwords are the only thing standing between your data and cybercriminals, identity theft is inevitable. If cybercriminals manage to guess your password, they’ll have access to all the data stored on your mobile device. This could be anything from customer information to financial records.
From there, cybercriminals can sell the data on the black market or use it for more nefarious activities. For example, fraudsters could change billing details so that they get paid for your hard work. MFA prevents this from happening by making sure hackers can’t easily log in to your devices.
Minimises the impact of lost or stolen devices
MFA tools protect your devices even if they’re lost or stolen. From a central console, you can configure company-registered devices to ask for additional authentication factors based on a user’s location. If cybercriminals try to hack into stolen devices from an unknown location, MFA will prevent them from going any further.
What’s more, MFA sends email alerts to confirm whether someone is trying to hack into your misplaced device. This allows you to catch wind of a breach before it happens and respond accordingly. If there are any unauthorised login attempts, you can change your passwords or wipe your device remotely with mobile device management software.
Simplifies login processes
Field staff may be skeptical of MFA because it adds another step to logins, but it can actually streamline the process. The extra layer of security provided by MFA enables organisations to reimagine their login processes with single sign-on.
Single sign-on uses MFA to log users into multiple systems. Once users provide all the credentials necessary to access mobile devices, they are automatically granted access to apps linked to their account. This saves field staff from having to log in to job management apps, accounting systems, and other software separately. Instead of managing (and remembering) several complex passwords, single sign-on and MFA make the entire login process stress-free.
Field service organisations are legally required to protect the privacy of personal information in accordance with the Privacy Act of 1988. Under this law, companies must take appropriate steps to prevent unauthorised access to their systems. Enabling MFA on mobile devices is a key step to achieving this. It makes breaking into company systems considerably more difficult and, as a result, handling personal and financial information is much safer.
By contrast, mobile devices without MFA increase the risk of data breaches and noncompliance penalties. This means you’re liable to pay fines up to $1.8 million, and lose millions more due to the potential customer backlash. You’re also required to promptly report any resulting breaches to the Office of the Australian Information Commissioner (OAIC) and affected parties. Failing to do so can lead to even bigger fines and penalties.
Protects your reputation
Data breaches resulting from compromised credentials lead to revenue losses, but they also put your company’s reputation at risk. After all, existing clients are less likely to trust your company if they find out your passwords are compromised.
Even potential customers will be hesitant to work with your company if you have a poor track record with security. The only way to avoid these issues is to implement a comprehensive security strategy. MFA is just one element in this, but it does ensure that your passwords aren’t such a huge liability.
MFA is a no-brainer for field staff who are relying more on mobile devices for work, but this isn’t the only tool they need. Field service must have a highly optimised job management software like WorkBuddy. It’s equipped with dozens of productivity-boosting features, and it’s MFA-enabled, too! Call us today or request a free demo to learn more.