Here at clixifix® security is our top priority. As custodians of your data, configuring multi-factor authentication on your account is a key step to building and maintaining the security of our trusted platform.
In this blog post we explain what MFA is used for, how it will affect you as a user and the due diligence from us to protect you.
What’s it for?
MFA (Multi Factor Authentication) is fast becoming the norm for accessing web-based applications. You will have encountered this process across many of your day-to-day applications such as your online bank.
MFA and 2FA is deployed to keep your users and your data safe. Providing your business with additional security to prevent anyone but you and your users from accessing your account, even if your password has been exposed.
Other additional or secondary factors that have been around for a while include options such as chip and pin as often seen in banking which requires a physical device issued to an individual to generate a secret code which is unique to the device, or a secondary screen that asks you for two or three random digits from your memorable word.
How will it affect me?
Once deployed 2FA (2 Factor Authentication) will be prompted for ALL new users to clixifix® across our Subcontractors, Providers/ Housing Associations & Property Management Users.
After using your email address and secure password to authenticate we will send a, short lived, 6 digit code to your email address. The code will expire after ten minutes.
Once you receive the code you will need to enter it into the box on screen and click authenticate. If the code is accepted you will be logged in as usual. When entering the code, you can optionally have the browser you are using remember who you are for 30 days by clicking the remember me button.
Our due diligence
As part of our due diligence process, we consulted with the National Cyber Security Center who issue guidance on how to maintain secure IT infrastructure – see here for more:
As part of our commitment to this standard we ensure we are certified to CyberEssentials+ status which requires external validation and accreditation. Additionally, as this constitutes a large change to our system we have employed an external agency to perform penetration tests on the whole system, including our 2FA solution.
To make sure our solution satisfies our customers due diligence requirements we also reached out to a sub section of IT managers from within our user base.
As always our clixifix® team are on hand to support you with any queries or concerns.