While this may not be an important update for every PMG client, we wanted to make you all aware that the HubSpot Security Team has recently launched new tools to help keep the data (company, customer, etc.) you store in HubSpot even safer. All HubSpot accounts—no matter the level—now have the ability to require two-factor authentication (2FA) for platform users when they log into the portal.
How Does Two-Factor Authentication Work?
Required two-factor authentication necessitates that all of the users on your specific "hub" set up 2FA and use it when they log in. In a nutshell, 2FA requires both a password and a physical device associated with the specific user to enable that user to log in.
Because two-factor authentication requires that someone logging into an account has access to a physical object (desktop computer, laptop, etc.) belonging to that account owner only, the risk of a potential intruder gaining access to your company's account is significantly lower.
Why Did HubSpot Make This Update?
According to HubSpot, there's been an uptick in security incidents across the software industry as a whole. They've seen "bad actors" on numerous occasions targeting HubSpot accounts with weak security controls in order to export lists of contacts, make fraudulent purchases, and even send out malicious emails.
HubSpot is serious about helping its partners and customers protect their private data, as well as the data of all their contacts stored in HubSpot. And they consider using the following security and data protection measures to be more important than ever before.
Note: If you have a single sign-on provider, HubSpot also offers SSO integration with SAML 2.0 identity providers for Enterprise customers. Integrating with your existing SSO provider can provide additional layers of security, and SSO can be required for logging into HubSpot in place of a HubSpot username and password. To learn more about setting up and requiring SSO, please refer to this documentation. (Or just ask us about it!)
How Do I Set Up 2FA in HubSpot?
If you are a Super Admin or have permissions to edit account default settings, you have the ability to require every user in your account to use two-factor authentication. If this is something you're interested in, please let your PMG Account Manager know—we're ready to help. But if you'd like to learn more about the steps involved, here's a quick breakdown:
- In your HubSpot account, click the Settings icon in the main navigation bar. (It looks like a little gear.)
- In the left sidebar menu, navigate to Account Defaults.
- In the Security section on the General Info tab, click to toggle the Require Two-Factor Authentication (2FA) switch on.
- In the dialog box, click Yes.
Once the switch is toggled on, the requirement will only take effect after 24 hours. This 24-hour "grace period" is for users to set up their two-factor authentication method if they haven't already done so.
Note that every user in the hub will receive an email notification to enable two-factor authentication in their account. Users who already have set up their two-factor authentication methods will be reminded to generate back-up codes. And users who have not set up their two-factor authentication method will be directed to set it up via a CTA in the email. If they don't set it up within 24 hours, they'll be asked to set it up the next time they log in to HubSpot.
Please Reach Out to Us If You Have Questions!
If two-factor authentication is something important to your organization, please talk to your PMG Account Team about putting it in place—and coming up with a documented process for getting all HubSpot users at your company notified and prepared. We're happy to help!
For more information about HubSpot 2FA, visit their Knowledge Base here.
Have any thoughts on this blog post topic? Let us know!
Simply post a comment below to add to the conversation.