Using multi-factor (MFA) and two-factor authentication (2FA) is imperative for the safety of every website, online account, and desktop, laptop, or mobile device. However, it’s doubly important in the legal industry, where almost everything is protected by confidentiality and regulatory compliance. It sounds incredibly technical, but in reality MFA and 2FA systems are relatively easy to put into place.

What is Multi-Factor and Two-Factor Authentication?

Multi-factor and two-factor authentication are ways of validating who you are. Only after providing multiple forms of identity verification (just two for 2FA) are you allowed to view or edit files, folders, or services. MFA requires that you provide some combination of the following:

  • Something you know– passwords, answers to personal questions, etc.
  • Something you own– a paired smartphone, keycard, or other physical authentication device
  • Something you are– fingerprint, facial scan, voice identification, etc.

All three variables together is ideal, but two should be enough to thwart unauthorized access to an account. One example of an MFA process would be a desktop computer account that requires a password, then a confirmation on your phone that is unlocked by your fingerprint.

Why Is This Important?

Information security is critical in today’s online landscape. With breaches and hacks occurring with alarming regularity — even here in Toronto — safeguarding your business demands that you keep customer information private and confidential.

Law firms have not been spared from the seemingly endless barrage of hacks and breaches. In fact, according to the Law Firm Cybersecurity Report Card, 40% of surveyed law firms were hacked or breached in 2016.

The worst part? They weren’t aware of it until well after it happened.

Where to Start?

MFA or 2FA can be added to a number of different systems and applications. Particular focus should be with any application or system that contains sensitive information that can be accessed remotely. Citrix or Remote Desktop Server solutions are a great place to start implementing MFA or 2FA, as they often provide access to sensitive data and applications.

Enabling MFA in Office 365

Office 365 and most cloud-based storage platforms allow you to enable 2FA or even MFA. This adds an extra layer of protection between your sensitive client and case information and the outside world. Setting it up takes only a matter of minutes.

  • At the top right corner of the Microsoft Office homepage, click on the little gear icon that indicates the Settings window.
  • Scroll down and select Office 365. This will bring you to your account overview.
  • Then choose Security and Privacy on the left-hand side.
  • Click on Additional Security Verification.

From here, you can choose what info you want to provide when using 2FA, including mobile phone-based prompts. Using this is good because if there is an issue, you get alerts on your phone regarding your account.

For MFA on the homepage of Office 365, select the Admin Portal, which will give you a complete overview of all your organization’s accounts and their login methods. Keep in mind that these settings should be configured by trained professionals — especially if compliance is on the line.

Ready To Get Authentic?

Making the most of cloud-based services is essential to your bottom line. For law firms looking to streamline their efficiency without compromising security, Remote Access and Office 365 are an exceptional place to begin.

If you work with a dedicated IT support provider like Vertex, they can assist you with formulating your cloud strategy as well as ensuring that the best, safest security options are put in place to safeguard your information and control access to your sensitive data.

Vertex is a full-service IT support and cloud provider that serves Toronto and the surrounding areas and specializes in IT solutions that meet the unique needs of the legal profession. With a host of managed IT services to suit any size firm, Vertex is ready to shoulder your IT burden for you. Contact us today for an IT strategy that works for you.