It's never been more important for your business to be aware of prioritising online security and safety, and ensuring everyone in the organisation is adhering to best practice guidelines. This is no longer a ‘nice to have’, it's a basic necessity of running a business.
If we can take anything from the recent news of high profile cases of data theft from the likes of Sony, Microsoft and Yahoo, and the multiple phishing, invoice scams, and account compromises, it is that when it comes to cyber security, businesses need to take practical steps to minimise the risks of being hacked. Typically the reasons businesses have been hacked are directly related to poor security, such as sharing logins or common passwords.
Statistics from online security software vendor Norton show that cybercrime costs Australians more than $1.2 billion a year. More than 3.7 million people in Australia have been victims of online crime, and Norton says that the country ranks as the eighth most impacted in the world by ransomware. In fact, approximately one in four Australian and New Zealand small businesses were affected by a cyber attack or hacking attempt in 2017 according to the 2017 Norton SMB Cyber Security Survey.
Adding an extra lock on the door
Keeping your clients and your own sensitive data secure is critical. However, it is difficult to ensure that every single member of your team is using appropriate security procedures (such as NOT sharing logins or common passwords). To help your business maintain these secure practices Xero is extending the use of Xero login to all WorkflowMax users starting at the end of October. One of the many benefits of using Xero login is the enhanced account takeover protection. We analyse logins in the background to detect any that are suspicious because they're unusual for the user, and we send an email alert if we detect one. Additionally, we’ll also make two-step authentication (2SA) mandatory for all Australian users to comply with the Australian Tax Office requirements.
Two-step authentication adds another layer of security for your business and we encourage all customers to use two-step or multi-factor authentication (2SA/MFA) wherever it is available. This is particularly important for your email account, which is usually the means to hackers being able to reset your passwords for other sites. Two-step authentication is an extra layer of security that requires a password and username and a second unique code to be generated by an authenticator application, making it more difficult for unauthorised people to access your data. Look out for further communications from the WorkflowMax team over the next month to outline what you need to do to get ready for this change.