CERT NZ says it’s “too easy” for businesses to protect themselves with 2FA

Two-factor authentication is an easy step that protects small businesses and the information they value.

2 May 2022

CERT NZ is encouraging small-to-medium businesses to implement two-factor authentication (2FA) as part of its new Two Steps, Too Easy campaign.

CERT NZ says that while cyber security is one of the top concerns for businesses, they often don’t know where to start. 2FA is an easy step that businesses can take to protect the things that are important to them.

With a 2FA process, when accessing an online account, users need their password and something else– usually a uniquely generated code sent to their phone. This means even if someone else gets hold of their login and password, there’s have a second layer of security to keep those people out.

“By adding 2FA, you significantly reduce the risk of a cyber security attack,” said CERT NZ director Rob Pope. “This easy step gives you peace of mind when protecting your clients’ and customers’ data along with your own finances.”

“We recommend businesses set 2FA for all their most important accounts – including banking, email and social media accounts.”

Internationally, the consensus is nearly all so-called “account compromise attacks”, where someone is attempting to access your business’s emails, bank accounts, or social media would be thwarted with 2FA. CERT NZ’s own data shows that, in the first quarter of this year alone, over 65% of comprised accounts reported to the agency could have been protected if they had 2FA in place.

Account compromise attacks can lead to further risks such as unauthorised access to accounts or impersonation of a business in order to send fake invoices.

By putting 2FA in place, a business reduces the risk of attackers getting that access, giving business owners one less thing to worry about.

CERT NZ has spoken to five small business owners who use 2FA and know how useful it can be. From sole traders to online retailers to small industrial companies, each business type has different needs and processes, but 2FA works for every situation as a quick and easy protection.

Find out more about 2FA and read the five business case studies on the CERT NZ website to learn why and how each chose to implement 2FA to protect what they value.