How to Manage Two Factor Sprawl
This article is a follow-up to the “two factor – what and why” article, which gave an overview of what two factor is and why it’s coming to the accounting industry so rapidly. It is a quick, two-minute, non-tech, plain-speak look at how firms will approach two factor in 2019 without impacting productivity.
What is identity?
“Identity” is the IT term for the system in which all users’ logins (usernames and passwords) are stored. Servers use a Microsoft product called ‘Active Directory’ to govern what a user can and can’t do inside a Windows environment. In the days of 100% server, your IT company created this identity when someone started working at your firm and disabled it when the person left. Because it was a server, mobile access wasn’t productive and breaches weren’t a thing, which made security much less complex.
How did the cloud change that?
In more recent years, the new school of browser-based apps, led by Xero, created their own identity without the mobility constraints of a server. That was fine in the early days, but as time has gone on, firms have acquired more and more cloud apps, which means more and more logins. That makes managing access more difficult for a practice manager and increases the risk of online fraud due to passwords getting stolen.
That’s a headache in itself, so when you add the complexity of two factor logins, it’s going to be confusing and inconvenient, with each app in a firm’s stack having its own separate two factor process.
This ‘single doorway’ to everything
To tackle this and keep your life simple, software vendors are busily adopting a single sign-on technology called “SAML”, aka “Federation”, which means a team member can log on once using a single two factor method and then access all cloud and server-based apps without being asked to remember or present passwords or two factor tokens throughout the day. User convenience and productivity aside, it’s about control, because the firm can on-board and off-board access through a single identity and rid itself of the ‘app sprawl’ that cloud has brought about.
In effect, instead of a separate key for each app (and your server), a team member gets one set of front door keys that gets them into all apps, shown as icons on a single page, making life easier for them, their practice manager and IT guy.
Understanding this at a basic level, so that you can make the right decisions to consolidate your firm’s access now, before two factor becomes a thing next year, is a smart way to maintain compliance without adding clunky IT admin process to your business.
This article was written by Jamie Beresford, CEO of Practice Protect, whose sole focus is protecting accounting firms’ reputations with tools, policies and education to keep data safe without sacrificing convenience.