Simplify and strengthen your security with 2-factor authentication

Unpredictable loss from cyber attacks

In just minutes, a breach can damage customer trust for a lifetime. According to the 2020 Verizon Data Breach Investigation Report, last year there were 157귭 incidents and 108갥 breaches. That may not trigger concern and thoughts like “we'll be OK”, until you realise 100,000+ of those breaches were credentials of individual users being compromised, to target bank accounts, cloud services, etc.

At Tidy we want our customers to be safe, knowing their organisation is operating with the highest level of security possible yet not placing obstacles in the way of providing great service to your clients and customers.

Sources: Risk Based Security Report, 2019; Cisco 2017 Annual Cybersecurity Report; Juniper Research Cybercrime & The Internet of Threats, 2017; Verizon Data Breach Investigations Report 2018; Verizon Data Breach Investigations Report 2020

Some tips to protect your online assets

Cyber-attacks are likely to become more and more common as more business move online. Criminals are an unfortunate element within society. The best we can do, is help protect your information online, especially sensitive and confidential personal/business information. Here are some tips to help keep both your personal and business information secure:

• Back up data frequently
  Data back-up is a basic yet useful way to protect the information many people may have overlooked. You are possibly not able to access your computer if you're attacked, however, a back-up allows you to restore your data later and avoid loss and disruption. According to the U.S. Chamber of Commerce and insurance company Nationwide, 68% of small businesses don't have a disaster recovery plan. The problem with this is the longer it takes you to restore your data, the more money you'll lose. Research from Gartner suggests this downtime can cost companies as much as $300,000 per hour.
• Keep your devices and apps up to date
  Updates don't only include new features, but also fix vulnerabilities to prevent the device or app from potential attacks. The next time you receive an update alert, please don't ignore it, ensure it's legitimate and not an attempted cyberattack.
• Use a strong and unique password
  From the 2020 Verizon Data Breach Investigation Report, over 100,000+ breaches were for obtaining log in credentials from individual users. Many people use the same password for many accounts which puts them and your organisation in a dangerous situation. Once an attacker gets your credentials, that attacker (human or machine) can access all your accounts. A strong and unique password will mitigate the risk to this type of attack.
• Turn on 2-factor authentication
  2-factor authentication (2FA) is another simple way to protect your information. Apart from the commonly used "username and password" combination to log in, 2-factor authentication provides and additional layer of security to your accounts.
  
  2FA is a security process that requires users to also provide a second factor to verify themselves. Common factors used include entering a code sent by SMS, answering an additional question that is personal to you, a biometric factor such as fingerprint, etc.
• Avoid sensitive transactions on public Wi-Fi networks
  Modern cloud and mobile technology make it easy to deal with transactions anywhere providing internet access. However, when you use public or unsecure internet/Wi-Fi at cafes, airports etc., you're exposed to risks that someone else can access your accounts and obtain your data. Ensure your internet is secure before you transact online.
  
  There are plenty of other measure to protect your online information, you can choose the ones that suit your situation.

Tidy offers you security with Microsoft advanced technology

Tidy's cloud software is built on Microsoft's Azure advanced cloud hosting platform which is a key advantage due to the Billions of (US) dollars annually that Microsoft invest in security. Microsoft Security takes a holistic approach to securing your organisation's IT and data environment across four key vectors: identity and access management, protection against threats, safeguarding of data at-rest and in-transit, and comprehensive visibility and control over your security ecosystem.

Your data in Tidy's products will be stored and processed within the Azure platform, leveraging the world's largest, most trusted, and most committed security presence.

Cyber security focus is not only an area that technology giants and mission critical business software providers like Tidy, Xero, etc. pay huge attention to. More and more governments now urge (and in some countries are beginning to demand) the use of secure methods to protect your online businesses from attacks. In response to the Australian government's announcement to apply 2FA in cloud software, financial accounting software providers like Xero, MYOB, etc. have already implemented 2FA. Tidy as an associated application and long-standing partner of Xero and takes the online security of our clients' business seriously. After thoughtful consideration, we have implemented the Microsoft account login within Tidy, so your organisation can benefit from the huge sums that Microsoft invests in this area which is among the highest level of investment globally. With Microsoft's built-in identity protection and Azure cloud platform security, Tidy provides customers with a higher level of security experience. Tidy keeps your data safe and secure in the cloud, even before you realise it. Click to know more about the Tidy's products.

How to use 2-factor Authentication with Tidy

Tidy allows its users to sign-in through third-party applications like Microsoft, instead of a standard log-in. These can be easily set up in your Tidy account as below:

1. In Global Settings, click on Users

2. For the user you would like to edit, click on Edit User

3. The login options of the user will be displayed, with two fields that can be changed.

These are the Login Type, and the Login ID

There are four third party options you can choose from to implement Single Sign On (SSO)

• Microsoft Work Account (Or Office 365)
• Microsoft Personal
• Google Account
• Facebook

Any of these Single Sign On options offer 2 Factor Authentication (2FA) as part of their service.

To learn how to set up 2 Factor Authentication for your Microsoft Account, please read this article:

• https://support.microsoft.com/en-us/help/12408/microsoft-account-how-to-use-two-step-verification

Or

To learn how to set up 2 Factor Authentication for your Google or Facebook Account, please read the related article below:

• https://support.google.com/accounts/answer/185839?co=GENIE.Platform%3DDesktop&hl=en
• https://www.facebook.com/help/148233965247823