Source: Privacy Commissioner
Deputy Privacy Commissioner Liz MacPherson wants all agencies, big or small, to introduce two-factor authentication to protect the information they hold. She makes the remarks following the findings of the Office of the Privacy Commissioners latest small businesses Insights Report and to support CERTs two factor authentication campaign. When a cyber security privacy breach occurs, the question compliance officers will ask is have you taken reasonable cyber security steps to protect the personal data you hold? Not to have taken reasonable steps is a breach of the Privacy Act and the trust that your customers or clients have placed in you to keep their information safe. What is reasonable depends on the size of the organisation and the scale and sensitivity of the personal information they hold.
Two factor authentication is like an extra wall between you and people who would steal your data.
