The stream of news about data breaches is a constant reminder of the importance of securing access to business applications. That is why, with the latest update to their online HR system, Cezanne HR has added dual authentication, also known as multi-factor authentication or 2FA, to the secure login options, such as single sign-on, already available to their customers.
John Hixon, Director of R&D for Cezanne HR, explains: “HR data is highly sensitive, and ensuring that only those with the right credentials can log in to HR software is an important line of defense. Customers can now choose to turn on dual authentication to add an additional layer of security to their system.”
With dual authentication turned on, anyone trying to log into the Cezanne HR system is, effectively, asked to identify themselves twice: once using their user name and password, and then by entering an automatically generated one-time code.
Having researched the best approaches, Cezanne HR decided to enable this second step through email, and/or by using an authentication application on a smartphone or tablet. As John explains: “The advantage of using a mobile device is that most employees carry them with them at all times.”
Cezanne HR has aimed to make the additional security measure as straightforward as possible to administer and use. For example, if both approaches are enabled, employees can select the option they want, whereas if only email authentication is in place, the code is automatically emailed to the address held in the Cezanne HR system. Another advantage is that, once employees have ‘created’ the link between the authenticator app on their device and the Cezanne HR system, they can link other devices too – useful if they might use a tablet at home, but their phone while traveling.
A number of extra security measures are in place, including automatic lockout if too many attempts are made to generate a code. The individual employee or HR administrator can also remove the link between an employee device and the HR system should, for example, a device be replaced or stolen.
Cezanne HR has also taken the opportunity to apply a similar approach to password reset. If an employee forgets their password, they now receive an email with a one-time-use link that has to be used within the specified time.