{"id":8496,"date":"2022-04-20T11:40:13","date_gmt":"2022-04-20T10:40:13","guid":{"rendered":"https:\/\/www.sage.com\/en-ie\/blog\/?p=8496"},"modified":"2024-11-25T13:37:54","modified_gmt":"2024-11-25T13:37:54","slug":"effective-data-security-strategy","status":"publish","type":"post","link":"https:\/\/www.sage.com\/en-ie\/blog\/effective-data-security-strategy\/","title":{"rendered":"How to create an effective data security strategy for your business \u2013 starting with 2FA"},"content":{"rendered":"<header class=\"entry-header has-dark-background-color entry-header--has-illustration entry-header--has-illustration--generic\">\n\t<div class=\"container\">\n\t\t<div class=\"entry-header__row row align-center\">\n\t\t\t<div class=\"col col-lg-7 col-xlg-6 entry-header__content\">\n\t\t\t\t\t\t\t<div class=\"component component-single-header\">\n\t\t\t\t\t\t\t\t\t\t<div class=\"entry-header__misc text--subtitle text--uppercase text--small\">\n\t\t\t\t\t\t\t<a href=\"https:\/\/www.sage.com\/en-ie\/blog\/category\/technology-innovation\/\" class=\"entry-header__link\">Technology &amp; Innovation<\/a>\t\t\t\t\t\t<\/div>\n\t\t\t\t\n\t\t\t\t<div class=\"entry-title-wrapper\">\n\t\t\t\t\t<h1 class=\"entry-title\">\n\t\t\t\t\t\tHow to create an effective data security strategy for your business \u2013 starting with 2FA\t\t\t\t\t<\/h1>\n\t\t\t\t<\/div>\n\n\t\t\t\t\t\t\t\t\t<p class=\"entry-header__description\">\n\t\t\t\t\t\t\t\t\t\t\t<\/p>\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t<\/div>\n\n\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t<\/div>\n\t<div class=\"single-post-details container\">\n\t\t<div class=\"col\">\n\t\t\t<span class=\"posted-on \"><time class=\"entry-date published\" datetime=\"2022-04-20T11:40:13+01:00\">20 April, 2022<\/time><\/span><span class=\"reading-time\"> min read<\/span>\n\t\t<button\n\t\t\ttype=\"button\"\n\t\t\tclass=\"social-share-button button button--icon button--secondary js-social-share-button\"\n\t\t\tdata-share-title=\"How to create an effective data security strategy for your business \u2013 starting with 2FA\"\n\t\t\tdata-share-url=\"https:\/\/www.sage.com\/en-ie\/blog\/effective-data-security-strategy\/\"\n\t\t\tdata-share-text=\"Please read this interesting article\"\n\t\t>\n\t\t\t<span class=\"social-share-button__share-label\">Share<\/span>\n\t\t\t<span class=\"social-share-button__copy-label\" hidden>Copy Link<\/span>\n\t\t\t<span class=\"social-share-button__copy-tooltip\" aria-hidden=\"true\" hidden>Copied<\/span>\n\t\t<\/button>\n\n\t\t\t\t<\/div>\n\t<\/div>\n<\/header>\n\n\n<div class=\"wp-block-post-author has-dark-background-color alignfull\">\n\t<div class=\"container\">\n\t\t<div class=\"col\">\n\t\t\t\t\t\t\t<div class=\"co-authors\">\n\t\t\t\t\t\n\t\t<div class=\"entry-author-wrapper\">\n\t\t\t<a class=\"entry-author\" href=\"https:\/\/www.sage.com\/en-ie\/blog\/author\/marksamuels\/\">\n\t\t\t\t<img decoding=\"async\" alt=\"\" src=\"https:\/\/www.sage.com\/en-gb\/blog\/wp-content\/uploads\/sites\/10\/2022\/03\/Mark-Samuels.jpg\" class=\"entry-author__image\" height=\"40\" width=\"40\" fetchpriority=\"high\" \/>\t\t\t\t<span class=\"entry-author__name\">Mark Samuels<\/span>\n\t\t\t<\/a>\n\n\t\t\t\t\t<\/div>\n\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t<\/div>\n<\/div>\n\n\n\n<p>Small and medium-sized enterprise (SMEs) are under constant threat from cyberattacks.<\/p>\n\n\n\n<p>But there are relatively simple steps businesses can take, such as implementing two-factor authentication (2FA), that will help stop most threats.<\/p>\n\n\n\n<p>Read on for advice on how you can get started on an effective data security strategy for your organisation.<\/p>\n\n\n\n<p>Here\u2019s what we cover:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"#what\">What is 2FA and what does it mean for businesses?<\/a><\/li>\n\n\n\n<li><a href=\"#why\">Why are SMEs more vulnerable than larger businesses?<\/a><\/li>\n\n\n\n<li><a href=\"#does\">Why does my business need tighter security policies?<\/a><\/li>\n\n\n\n<li><a href=\"#the\">What are the potential costs of not using 2FA?<\/a><\/li>\n\n\n\n<li><a href=\"#should\">Why should you update your defences and policies?<\/a><\/li>\n<\/ul>\n\n\n\n<div class=\"single-cta\">\n\t<a\n\t\tclass=\"button button--primary gate-22eaecb8-922f-4375-9c86-3ce8792a98f0\"\n\t\trole=\"button\"\n\t\tdata-button-location=\"content_area\"\n\t\thref=\"#gate-22eaecb8-922f-4375-9c86-3ce8792a98f0\"\n\t>Download your free guide, 7 ways to take control of your business, and take steps now to master your business admin <\/a>\n<\/div>\n\n\n\n\n<h2 class=\"wp-block-heading\" id=\"what\">What is 2FA and what does it mean for businesses?<\/h2>\n\n\n\n<p>In simple terms, <a href=\"https:\/\/www.sage.com\/en-ie\/security\/2fa\/\" rel=\"noopener noreferrer\">2FA is an electronic authentication method<\/a> that lets the right users in and keeps the bad actors out.<\/p>\n\n\n\n<p>2FA <a href=\"https:\/\/www.investopedia.com\/terms\/t\/twofactor-authentication-2fa.asp\" rel=\"noopener noreferrer\">uses two factors<\/a> to verify a user.<\/p>\n\n\n\n<p>When 2FA is applied to a website, service or application, an individual will only be granted access once they have provided two forms of verification.<\/p>\n\n\n\n<p>Let\u2019s think of an example.<\/p>\n\n\n\n<p>You add 2FA to your email account, which means anyone trying to access your account will need two forms of verification to access your email.<\/p>\n\n\n\n<p>These forms \u2013 or factors \u2013 of authentication fall into the following three categories:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Something you know, such as a PIN or a password<\/li>\n\n\n\n<li>Something you have, such as a mobile phone or secure USB key<\/li>\n\n\n\n<li>Something you are, such as fingerprint or facial recognition.<\/li>\n<\/ul>\n\n\n\n<p>2FA provides an additional layer of security for users, businesses and the potentially sensitive information they hold.<\/p>\n\n\n\n<p>Some SMEs might be concerned that adding required authentication factors creates an extra burden for their business and its users.<\/p>\n\n\n\n<p>However, as we\u2019ll explain below, 2FA is a minor adjustment that could save your organisation from some major problems.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"why\">Why are SMEs more vulnerable than larger businesses?<\/h2>\n\n\n\n<p>If you\u2019re looking for a straightforward explanation as to why you should apply 2FA, then perhaps the easiest answer is this: it will make your business more secure.<\/p>\n\n\n\n<p>The US Securities and Exchange Commission says <a href=\"https:\/\/www.sec.gov\/news\/statement\/cybersecurity-challenges-for-small-midsize-businesses.html\" rel=\"noopener noreferrer\">SMEs are attractive targets<\/a> because they\u2019re easier to hack than larger organisations.<\/p>\n\n\n\n<p>The reason is simple: SMEs face the same threat landscape as larger organisations but must do so with far fewer resources.<\/p>\n\n\n\n<p>While most businesses (53%) believe their IT budgets will grow during the next 12 months, larger organisations remain more optimistic about the future: <a href=\"https:\/\/swzd.com\/blogs\/the-2022-state-of-it-in-enterprises-vs-smbs\/\" rel=\"noopener noreferrer\">64% of enterprises plan to raise IT budgets versus 45% of SMEs<\/a>, reports Spiceworks Ziff Davis.<\/p>\n\n\n\n<p>Large enterprises have been aware of the potential cyber risk for a long time, and may even have been the target of a cyberattack.<\/p>\n\n\n\n<p>In most cases, enterprise IT chiefs are matching an increased understanding of cyber risk with a commensurate investment in security.<\/p>\n\n\n\n<p>And many smaller firms are now adopting a range of security measures for the first time, partly due to the need to support increased levels of remote working.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.analysysmason.com\/research\/content\/articles\/smb-cyber-security-spending-ren04\/\" rel=\"noopener noreferrer\">SMEs globally will spend $90bn (\u20ac83bn) cybersecurity in 2025<\/a>, up from $57bn (\u20ac52bn) in 2020, which represents a 10% year-on-year increase, according to researcher Analysis Mason.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"does\">Why does my business need tighter security policies?<\/h2>\n\n\n\n<p>SMEs need to implement a range of IT security controls to ensure their staff and their data are safe in a world of hybrid working.<\/p>\n\n\n\n<p>There\u2019s been a dramatic rise in the number of SME employees working from home due to the coronavirus pandemic.<\/p>\n\n\n\n<p>What\u2019s more, many of them <a href=\"https:\/\/www.techrepublic.com\/article\/over-half-of-us-smbs-plan-to-maintain-remote-working-for-employees\/\" rel=\"noopener noreferrer\">will continue to work from home<\/a> \u2013 at least for some of their working week.<\/p>\n\n\n\n<p>Research suggests this shift to remote working has left small business owners feeling nervous.<\/p>\n\n\n\n<p>More than <a href=\"https:\/\/press.avast.com\/the-larger-the-smb-the-stronger-the-headaches-around-security-concerns-due-to-remote-working\" rel=\"noopener noreferrer\">three-quarters (76%) of IT decision makers in SMEs<\/a> say they have more security concerns since the start of the pandemic, according to a survey by market research specialist Dynata and Avast.<\/p>\n\n\n\n<p>Modern businesses are heavily reliant on an ever-increasing range of applications across devices.<\/p>\n\n\n\n<p>Once employees are outside the safe confines of the enterprise firewall, it can be harder to ensure they\u2019re working securely.<\/p>\n\n\n\n<div class=\"single-cta\">\n\t<a\n\t\tclass=\"button button--primary gate-22eaecb8-922f-4375-9c86-3ce8792a98f0\"\n\t\trole=\"button\"\n\t\tdata-button-location=\"content_area\"\n\t\thref=\"#gate-22eaecb8-922f-4375-9c86-3ce8792a98f0\"\n\t>Download your free guide, 7 ways to take control of your business, and take steps now to master your business admin <\/a>\n<\/div>\n\n\n\n\n<h2 class=\"wp-block-heading\" id=\"the\">What are the potential costs of not using 2FA?<\/h2>\n\n\n\n<p>Microsoft has estimated that <a href=\"https:\/\/www.zdnet.com\/article\/microsoft-99-9-of-compromised-accounts-did-not-use-multi-factor-authentication\/\" rel=\"noopener noreferrer\">as many as 99.9% of the compromised accounts<\/a> it tracks don\u2019t use two-factor authentication.<\/p>\n\n\n\n<p>Worse still, its research suggests just 11% of businesses globally have 2FA enabled to help protect highly sensitive information.<\/p>\n\n\n\n<p>But what\u2019s the worst thing that could happen if a user\u2019s account is accessed?<\/p>\n\n\n\n<p>Does it really matter if someone\u2019s email or another business service is cracked open?<\/p>\n\n\n\n<p>The simple answer is yes\u2014and the potential damage could be catastrophic.<\/p>\n\n\n\n<p>Credentials is the <a href=\"https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/\" rel=\"noopener noreferrer\">top category (44%) of compromised data<\/a> in global SME breaches. Simple services such as email are often the gateway to a much bigger prize.<\/p>\n\n\n\n<p>A corporate email account can include sensitive information, such as contract details and customer information.<\/p>\n\n\n\n<p>Once an errant individual has access to one system, they\u2019ll find it much easier to use the information they glean to access others\u2014and the costs to your business can be great.<\/p>\n\n\n\n<p>Almost a quarter (23%) of small businesses <a href=\"https:\/\/www.hiscox.com\/articles\/average-annual-cost-cyber-attacks-us-small-business-25k-reveals-hiscox\" rel=\"noopener noreferrer\">suffered at least one cyberattack in the past 12 months<\/a>, according to insurer Hiscox.<\/p>\n\n\n\n<p>The average annual financial cost of these incidents was as much as $25,000 (\u00a323,000).<\/p>\n\n\n\n<p>Building the reputation of your business takes years of work. This effort can be undone in minutes by a cyberattack.<\/p>\n\n\n\n<p>Some estimates suggest <a href=\"https:\/\/www.sec.gov\/news\/statement\/cybersecurity-challenges-for-small-midsize-businesses.html\" rel=\"noopener noreferrer\">60% of small companies go out of business<\/a> within six months of falling victim to a data breach or cyberattack.<\/p>\n\n\n\n<p>Then there\u2019s the potential financial damage from an attack.<\/p>\n\n\n\n<p>From business disruption costs to legal fees and on to regulatory fines, small businesses that fail to keep their data safe could find themselves facing a significant and potentially unsurmountable bill.<\/p>\n\n\n\n<p>Even if a company does survive, it\u2019ll then face the remedial costs of putting business right after an incident.<\/p>\n\n\n\n<p>Correcting those issues after the event will likely cost a lot more than a preventative solution that\u2019s as simple to implement as 2FA.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"should\">Why should you update your defences and policies?<\/h2>\n\n\n\n<p>Cybersecurity remains a constant area of risk for businesses.<\/p>\n\n\n\n<p>But the good news is that <a href=\"https:\/\/newsroom.cisco.com\/press-release-content?type=webcontent&amp;articleId=2216914\" rel=\"noopener noreferrer\">90% of professionals now consider privacy a business imperative<\/a>, according to Cisco.<\/p>\n\n\n\n<p>In fact, more than 60% of professionals believe they\u2019re getting significant business value from investing in IT security.<\/p>\n\n\n\n<p>2FA is a straightforward tactic that stops most unauthorised access.<\/p>\n\n\n\n<p>When something so simple can have such a large impact, can you really afford to not put the right processes and policies in place?<\/p>\n\n\n\n<p>Consider applying 2FA as part of a three-step approach to security:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Assess your options<\/h3>\n\n\n\n<p>Most leading software tools now include built-in options for 2FA.<\/p>\n\n\n\n<p>SMEs that want to create a holistic option to 2FA should consider a layered approach that provides policies, capabilities and dashboards to monitor and assess authentication to services.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Train your employees<\/h3>\n\n\n\n<p>There\u2019s no point going to the trouble of implementing 2FA if some people aren\u2019t using the technology.<\/p>\n\n\n\n<p>Your security will only be as strong as the weakest point in the chain, so make sure 2FA is the business standard. Every employee should be signed up and every login to a system that holds sensitive data should require two-factor authentication.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Review your tactics<\/h3>\n\n\n\n<p>Implementing effective cybersecurity is an evolving process.<\/p>\n\n\n\n<p>Whatever tactics you employ, the people who are trying to hack your systems will find new ways to put your data at risk.<\/p>\n\n\n\n<p>Any IT security policy \u2013 including using 2FA \u2013 must be subject to a regular review to ensure data is protected. Create a plan for incidents and test worst-case scenarios.<\/p>\n\n\n\n<p>A business that prepares is one that\u2019s most likely to deal with a crisis successfully.<\/p>\n\n\n\n<p><p class=\"\"><strong><em>Want to know more about cybersecurity for your business? Check out <a href=\"https:\/\/www.sage.com\/en-ie\/security\/2fa\">how we use 2FA to keep your data safe<\/a>.<\/em><\/strong><\/p><br>\n<div class=\"single-cta gated-content\">\n\t<div class=\"single-cta__positioner\">\n\t\t<div class=\"single-cta__wrapper has-dark-background-color\">\n\t\t\t<div class=\"single-cta__content\">\n\t\t\t\t\t\t\t\t<h2 class=\"single-cta__title h3\">7 ways to take control of your business <\/h2>\n\n\t\t\t\t\t\t\t\t\t<div class=\"single-cta__description\">\n\t\t\t\t\t\t<p>Want to know how you can boss it at your business? Read this guide for top tips to help you master your business admin and truly take control.<\/p>\n\t\t\t\t\t<\/div>\n\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a\n\t\t\t\t\t\thref=\"#gate-22eaecb8-922f-4375-9c86-3ce8792a98f0\"\n\t\t\t\t\t\tclass=\"single-cta__button button button--primary\"\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t>Download your free guide<\/a>\n\t\t\t\t\t\t\t<\/div>\n\n\t\t\t\t\t<\/div>\n\n\t\t\t\t\t<img decoding=\"async\" width=\"1440\" height=\"810\" src=\"https:\/\/www.sage.com\/en-ie\/blog\/wp-content\/uploads\/sites\/13\/2022\/04\/GettyImages-1289906599-1440x810.jpg\" class=\"single-cta__image\" alt=\"\" loading=\"lazy\" srcset=\"https:\/\/www.sage.com\/en-ie\/blog\/wp-content\/uploads\/sites\/13\/2022\/04\/GettyImages-1289906599-1440x810.jpg 1440w\" sizes=\"auto, (min-width: 48em) 33vw, 100vw\" \/>\t\t\t<\/div>\n<\/div>\n<\/p>\n\n\n\n\n\n<div class=\"single-cta\">\n\t<div class=\"single-cta__positioner\">\n\t\t<div class=\"single-cta__wrapper has-dark-background-color\">\n\t\t\t<div class=\"single-cta__content\">\n\t\t\t\t\t\t\t\t<h2 class=\"single-cta__title h3\">Subscribe to the Sage Advice newsletter<\/h2>\n\n\t\t\t\t\t\t\t\t\t<div class=\"single-cta__description\">\n\t\t\t\t\t\t<p>Join 1.5 million subscribers and get the best business admin strategies and tactics, as well as actionable advice to help your company thrive, in your inbox every month.<\/p>\n\t\t\t\t\t<\/div>\n\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a\n\t\t\t\t\t\thref=\"#gate-53abbdcc-410c-4c8c-bf97-ca5c6982eebd\"\n\t\t\t\t\t\tclass=\"single-cta__button button button--primary\"\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t>Subscribe now<\/a>\n\t\t\t\t\t\t\t<\/div>\n\n\t\t\t\t\t<\/div>\n\n\t\t\t\t\t<img decoding=\"async\" width=\"999\" height=\"666\" src=\"https:\/\/www.sage.com\/en-ie\/blog\/wp-content\/uploads\/sites\/13\/2021\/04\/z.5E3A0481_All-Uses.jpg\" class=\"single-cta__image\" alt=\"\" loading=\"lazy\" srcset=\"https:\/\/www.sage.com\/en-ie\/blog\/wp-content\/uploads\/sites\/13\/2021\/04\/z.5E3A0481_All-Uses.jpg 999w\" sizes=\"auto, (min-width: 48em) 33vw, 100vw\" \/>\t\t\t<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Businesses face a growing cyber threat but many aren&#8217;t taking steps to protect their data. Here&#8217;s how multi-factor authentication can help.<\/p>\n","protected":false},"author":1351,"featured_media":8320,"menu_order":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_sage_video":false,"post_featured_image_hide":false,"footnotes":""},"categories":[166],"tags":[151,160],"business_type":[5,4],"lilypad":[],"context":[],"industry":[],"persona":[211,232],"imagine_tag":[212,230],"coauthors":[449],"class_list":["post-8496","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology-innovation","tag-security-fraud","tag-workplace-technology","business_type-small-business","business_type-medium-sized-business"],"sage_meta":{"region":"en-ie","author_name":"Mark Samuels","featured_image":"https:\/\/www.sage.com\/en-ie\/blog\/wp-content\/uploads\/sites\/13\/2022\/04\/GettyImages-1181223319.jpg","imagine_tags":{"212":"Mid-sized business","230":"Small business"}},"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Sage Advice Ireland","distributor_original_site_url":"https:\/\/www.sage.com\/en-ie\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/posts\/8496","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/users\/1351"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/comments?post=8496"}],"version-history":[{"count":0,"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/posts\/8496\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/media\/8320"}],"wp:attachment":[{"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/media?parent=8496"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/categories?post=8496"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/tags?post=8496"},{"taxonomy":"business_type","embeddable":true,"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/business_type?post=8496"},{"taxonomy":"lilypad","embeddable":true,"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/lilypad?post=8496"},{"taxonomy":"context","embeddable":true,"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/context?post=8496"},{"taxonomy":"industry","embeddable":true,"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/industry?post=8496"},{"taxonomy":"persona","embeddable":true,"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/persona?post=8496"},{"taxonomy":"imagine_tag","embeddable":true,"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/imagine_tag?post=8496"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.sage.com\/en-ie\/blog\/api\/wp\/v2\/coauthors?post=8496"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}