Two-Factor Authentication
How to keep your practice safe from unexpected intruders.
Overview
Two-Factor authentication is a verification process that helps to protect your devices and programs. It’s one of the best practice tips to help keep your data secure and safe from a breach. It’s a step that’s available on a lot of the programs that you use daily. You should also be able to find two-factor authentication options on the devices that you use.
Also called 2FA, it’s a process to verify your identity a second time when you access sensitive information or open your device. It also offers a second level of protection, in case your original password is ever compromised.
Here, we’ll discuss what it is, why it’s important, how it works, and the options that are available for two-factor authentication with PrognoCIS solutions.
Table of Contents
What is two-factor authentication?
As the name suggests, 2FA is the process to use a second identification in order to log into an account or access your device. This is an extra measure to secure data, which proves effective. According to the Verizon Data Breach Investigation Report 2019, 80% of hacking breaches were related to passwords. Making passwords more secure is a natural option in order to protect your system from these prominent attacks.
There are other best practices you should be using, as well. It’s highly recommended that you change your passwords regularly. This is still an excellent practice that should be part of every user’s protocol. A second practice is to make each password unique. This should be a mandatory protocol for every user. Sharing passwords among multiple devices is dangerous because a bad actor only needs to breach one account. They can use that password on each of your accounts to gain entry if you’re not using unique passwords every time. Hackers routinely check numerous accounts once they gain a single password because it’s so common for people to use them repeatedly.
Two-Factor authentication is another tool in the arsenal to fight hackers and cybersecurity breaches. Using these extra security measures helps keep your data safe and in compliance, especially in highly regulated fields, such as healthcare. It’s available on many of your devices and programs and may be used in a number of ways.
How 2 FA works
The first authentication point in a two-factor process is the password. It should follow the best practices of being unique and users should change the password on a regular schedule. The second step of the two-factor authentication can vary. You should be aware, too, that there is also multi factor authentication (MFA). Technically, 2FA is multi factor because there is more than one form of authentication used. But multi factor can also use three types of authentication. So, 2FA is always MFA but MFA is not always 2FA. Theoretically, the more authentication used, the safer the data.
Neil J Rubenking, PCMag’s lead security analyst, explained authentication as three possible factors. It could be, “something you know (such as a password), something you have (such as a hardware token or cell phone), and something you are (such as your fingerprint).”
A typical multi factor authentication process would use one of each type. For example, a password, a key sent to a cell phone, and finger-print authentication.
With two-factor security, you’re choosing two of these options for authentication. The first might be your password. The second might be a token, this could be a key sent to your phone through text message or it could be an RSA algorithm. RSA, is a highly safe form of security because it uses complicated encryption that changes rapidly.
At PrognoCIS our 2FA includes biometric fingerprint authentication. This fulfills the idea that the second step should be something that no one else can possess. If your password was compromised, a hacker could easily log in without the 2FA feature enabled. With fingerprint authentication, a hacker would not gain access even with your username and password.
Fingerprint authentication is simple to enable and use. Patients can find the function located under the profile icon and on the main dashboard. Once you tap on the “enable fingerprint” option, you’re directed to the “OTP Screen”. Once you’ve arrived at this screen, the app will send a one time password to the mobile device on record for your account. You’ll have 30 seconds to use the password to proceed with the process.
Once the password is accepted, the app directs you to a screen to scan your fingerprint. From there, your unique fingerprint is saved as a secondary authentication method.
After fingerprint authentication is enabled, a confirmation email is sent to the account on record and the option is added to your login screen. Once it’s enabled, you’ll also have the option of using your unique fingerprint to log in, rather than your username and password. If you decide at any time to discontinue using your fingerprint authentication, you also have the option of disabling the feature.
At PrognoCIS, we offer this feature for patients and physicians. When the feature is enabled, no one would be able to access your account, even if they had access to your device. Fingerprint authentication is one of the most secure methods you can use to protect your information. The feature is easy to set up and can be enabled or disabled based on your preference. We do highly recommend using it to keep your data secure.
Two-factor authentication isn’t new. It wasn’t only designed for software or apps, that’s just the latest use. When you think about it, we’ve been using 2FA for many years. If you use your bank card at an ATM, you’re using 2FA. The card itself is one form of authentication. The PIN you use is your second. Many automobiles use forms of this technology, with keycodes on the door and codes in the key fob.
Multi factor authentication is used in a lot of different forms to help protect your possessions from theft. Your data is just as important. For physicians and those in the healthcare industry, it’s even more important because the data you’re protecting is sensitive patient information, including medical, financial, and personal information. For healthcare organizations, there’s a moral obligation to protect this information to the best of your ability and there are also regulatory
Two-factor authentication for your software
Two-factor authentication is available on most devices and software that you use. Computers, laptops, and iPad should always be secured with a password and you can add a second form of authentication, as well. Google Authenticator is probably the most well-recognized app because it’s one of the oldest and because it’s easy to use.
You’ll notice that virtually all of the platforms that you use offer two-factor authentication. These include PayPal, Google, and any of the social media platforms. Some will offer you a choice of using SMS through their platform or using an app. In some cases, they will only offer the SMS option. Each different platform has their own protocol for setting up multi factor authorization. You can usually find these directions somewhere on their site or help section. If you can’t find the material on the platform, a quick web search can bring up some informative articles explaining the more popular platforms, like this one from The Verge.
The type of authentication you use is largely preference. There may be some restrictions based on the apps that you use or the authentication process involved on the platforms. The theory is that more authentication factors make the device more secure, but this will largely depend on the individual user. Passwords offer limited protection largely because users don’t follow best practices. Like every security measure, it’s important that you maintain them and don’t take shortcuts. This means changing passwords, not using easy to guess passwords, not using the same password on multiple accounts, and, of course, not leaving your devices unlocked. One of the most common ways that breaches happen is by having actual devices stolen. If the device is not properly protected, the thief has access to everything.
Quickly access patient charts, monitor patients remotely and grow your practice beyond your physical location. Read our white paper or request a demo from our experts.
For a complete up to date state by state regulations please visit Law and Policies by State
How PrognoCIS meets your cybersecurity needs
PrognoCIS offers 2FA in order to help their clients maintain the highest level of security for their own compliance needs and their patients. This technology is available on EMR, Billing, and Portal End User logins through PrognoCIS. The feature comes standard but is set to “Not Required” as a default. What this means is that it’s up to the user to set up their authentication process.
Setting up your 2FA in PrognoCIS
You can find the feature in prognocis.2FAauthentication.setup. This is a very simple process to complete. Simply navigate to the 2FA Authentication Set Up. There are three property values represented.
- N – Not Required. This setting means that your 2FA is disabled. This is the default setting for your PrognoCIS and you will need to manually change it in order to take full advantage of the security offered by two-factor authentication.
- O – Optional. This setting allows individual users to determine whether or not they will use two-factor authorization. Your users can set up their own 2FA on the Master Screen.
- M – Mandatory. This is highly recommended. It mandates the use of 2FA for all users.
In order to use the 2FA feature, the users’ email ID and/or cell phone number will need to be registered and saved in the Master Screen.
Once the user is registered, they can verify their account and choose to have the second verification sent to either their email address or their cell phone. Users can also choose to have authentication sent to BOTH cell phones and email addresses.
In order to login to their accounts, they will need to use their password. That will prompt a One Time Password, which will be sent to their email, phone, or both. The one-time password can be a 4, 5, or 6 digit code. The default in PrognoCIS is to use a 6 digit code, but this can be changed.
As we move forward, multi factor authentication will continue to evolve and remain an important part of keeping your data safe. Often employees and users forego these security measures to save some time, but the time is really very minimal. The risk is far too great to go without proper security measures for your data.
Other features include:
Quick patient registration
Appointment module with reminders (TEXT, Telephone call reminder- integration with inphonite)
Waitlist feature
Email reminders
Health Maintenance, Follow up due, upcoming appointments
Insurance Verification thru Trizetto
One-touch scanning
OCR card scanning- ID and insurance card
Integrity/ Open Edge Credit card processing for co-pay collections and bill pay
Patient portal web based as well App (My Health Records)
ProCheck-In
iPhone app for physicians
Intake forms Medical history – Facesheet
Multiple facesheet layouts to display and track the data
Lab, Radiology and Vital matrix
Notifications for Lab and rad review
Order management
Referral management tracking
RFA (Request for Authorization) Module
CCD and CCR files export/import
Secured messaging, N2N
MIPS/MACRA Certified
Sign up for a quick Discovery Call from PrognoCIS EHR
Please fill out the fields below
* These fields are required.
By clicking submit you agree to our Terms of Use and consent to our contact process. See our Privacy Policy to unsubscribe.