Multi-factor Authentication for Multifamily?

You have probably come across the term multi-factor authentication of late. It is an IT buzzword today and is fast becoming one of the best practices of cyber-security. So, what is multi-factor authentication, and why should it be used in the multifamily industry? Read this blog to find out.

Multi-factor authentication, as fancy as the term sounds, is just multiple barriers to data access which adds to the security component. In simple terms, imagine, your data in a box and that box fit into another, and then into another--all with locks. It is basically adding layers of security to your data. In fact, we are already experiencing multi-factor authentication on a regular basis. For example, when you want to make a transaction online using your banking portal, chances are, it sends you an OTP (one-time-password) to your mobile number that’s registered with your bank. Some banking portals also ask you for the grid numbers on the back of your debit card, some online transactions using credit cards ask for CVV or expiry dates.

Even Gmail, Facebook, and LinkedIn use multi-factor authentication when they see unusual activity in your accounts such as a first-time log-in from a device you haven’t used before, or a log-in at a time that you don’t usually access your Gmail, Facebook or LinkedIn accounts. Going beyond OTPs, Facebook takes multi-factor authentication a notch higher by asking you to identify a couple of your friends on Facebook or your most recent profile picture.

According to Wikipedia, Multi-factor authentication (MFA) is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something the user and only the user knows), possession (something the user and only the user has), and inherence (something the user and only the user is). In simpler terms, that means,

  • As the first layer of security, we have passwords, answers to security questions, PIN numbers etc.,
  • The second layer includes authentication methods such as OTPs, security tokens, access cards, etc.,
  • The third, and final layer is something personal to the user. Examples include biometric validation such as an eye scan, fingerprint scan, voice commands or facial recognition.
Multi-factor and the Multifamily Industry  
With cybercrime being rampant, property management companies cannot rely on the old school access authorization methods using a single password or PIN. Its important to use MFA whenever possible in your management operations. Here are some good suggestions on where to use it:  
  • Most management companies use a web based management system such as Appfolio, Entrata, or Yardi - make sure multifactor authentication is turned on (if it insn't already setup) 
  • Many companies are now embracing Office 365 for email and sharing data between properties and the corporate office. Multi-factor authentication is turned off by default - turn it on to add an extra layer of protection for your leasing team and corporate staff.
  • Finally, makes sure the third party vendors who store personal identifiable information of employees or tenants (like HR, Payroll, credit check, or background check Services) are using multi-factor authentication. If they don't, ask them to turn it on. 
Ready to get started with MFA for your management company and your properties? Ask you internal IT team for help with this, or if you don't have any IT support, give us a call to help you setup a strong, reliable, multi-factor authentication system for your data.