The spate of hacking attempts shows no abatement and 2019 has revealed a startling increase in attacks on online identities, particularly aimed at Office 365 users. Some of the phishing attacks, where the hacker tries to trick you into divulging your password and other sensitive data, are crude and easily identifiable. However, recent Office 365 scams, with emails purporting to come from Microsoft requiring you to sign in to your Office 365 account, look legitimate, with the language, style and logos you would expect to find on an official Microsoft email. Suffice it to say, the most complex password in the world won’t protect you when you have essentially handed it over in one of these attacks.
The best way to protect your online identities is with 2FA (Two Factor Authentication). 2FA effectively adds an additional step to your usual logon process that requires you to provide an additional form of authentication to log into your account. Once you enter your username and password you will be prompted for a PIN texted to your mobile phone, sent to an alternate email address or delivered via an automated call or push notification on a mobile app. It sounds complicated, but it isn’t, and the inconvenience is minimal, especially when you compare it to the damage that can be caused by a stolen identity.
2FA can protect you against a range of cyber attacks, even those out of your control, for example when your data is stolen in a prolific hack on a reputable entity like BAA, hackers will not be able to access your account without the additional form of authentication. 2FA also protects you against phishing emails. If someone sends you a dodgy email that tries to trick you into logging in with your Office 365 credentials, 2FA will protect your account.
All reputable sites and services offer 2FA. Office 365 Multi Factor Authentication is included in all Office 365 licenses. The biggest misnomer is that you will be required to use 2FA each time you open Outlook. This is incorrect. Once your installation of Outlook is successfully authenticated with 2FA, you continue to use it as normal, until the installation is flagged as ‘at risk’, out of date or after an extended period of inactivity.
We can’t stress the importance of 2FA enough. We will be contacting all of our customers over the coming weeks to discuss 2FA for Office 365 and beyond. If you have any questions in the interim, please don’t hesitate to contact us.