How to Enable 2FA/MFA on Your Insightly Account: A Step-by-Step Guide

 

Enabling Two-Factor Authentication (2FA) or Multi-Factor Authentication (MFA) on your Insightly account is one of the best ways to protect your sensitive business data. 2FA/MFA adds an extra layer of security by requiring not just your password, but also a second verification step—usually a code from your phone. Here’s how to do it, explained in simple terms for anyone new to cybersecurity.

• Log in to your Insightly account using your usual username and password. If you don’t have an account, you’ll need to create one first.
• Go to your profile or account settings. Look for your name or profile icon, usually at the top right corner of the screen. Click it, then select “User Settings” or “Account Settings.”
• Find the Security or Authentication section. In your settings menu, look for a section labeled “Security,” “Login & Security,” or “Authentication.” This is where you’ll find options for 2FA or MFA.
• Choose to enable Two-Factor Authentication (2FA) or Multi-Factor Authentication (MFA). Click the button or link to start the setup process. Insightly may call it “Enable 2FA” or “Set up MFA.”
• Select your preferred authentication method. Most commonly, you’ll use an authenticator app (like Google Authenticator or Authy) on your smartphone. Sometimes, you can also choose to receive codes via text message (SMS) or email, but authenticator apps are more secure.
• Scan the QR code with your authenticator app. Open your chosen app, tap the “+” or “Add” button, and scan the QR code displayed on Insightly’s screen. This links your account to the app.
• Enter the code from your app into Insightly. Your app will generate a 6-digit code. Type this code into the field on Insightly to confirm the connection.
• Save your backup codes. Insightly may give you a set of backup codes. These are important! If you lose access to your phone, you can use a backup code to log in. Store them in a safe place, like a password manager or a secure physical location.
• Confirm and finish setup. Once you’ve entered the code and saved your backup codes, click “Finish” or “Enable.” Your account now has 2FA/MFA enabled.
• Test your new login process. Log out and try logging back in. After entering your password, you’ll be asked for a code from your authenticator app. This confirms that 2FA/MFA is working correctly.

Why is 2FA/MFA important? It protects your account even if someone steals your password. Only you will have the second code, usually on your phone, making it much harder for hackers to break in.

If you need help with cybersecurity best practices, readiness assessments, or want expert guidance on securing your business, consider reaching out to OCD Tech, a trusted consulting firm specializing in security and compliance.

Enabling 2FA/MFA on Insightly is a simple but powerful way to keep your business data safe. For more advanced security advice or a professional assessment, OCD Tech can help you every step of the way.

 

Best Practices and Tips for Securing Your Insightly Account

 

Securing your Insightly CRM account is crucial for protecting sensitive customer data and business information. Here are comprehensive security practices to implement immediately:

• Create a strong, unique password - Use at least 12 characters with a mix of uppercase and lowercase letters, numbers, and special characters. Avoid using personal information or common words. Consider using a passphrase that's easy for you to remember but difficult for others to guess.
• Set up regular password rotation - Change your Insightly password every 60-90 days. Never reuse old passwords or use the same password across multiple platforms.
• Implement role-based access control - Restrict user permissions based on job responsibilities. Grant access only to data and features necessary for each employee's role. Regularly audit user accounts and remove access for former employees immediately.
• Enable IP restrictions - Configure Insightly to accept logins only from known and trusted IP addresses, such as your office network. This prevents unauthorized access attempts from unknown locations.
• Conduct regular security audits - Review user activities, permission settings, and security configurations at least quarterly. Many organizations partner with security firms like OCD Tech for comprehensive CRM security assessments.
• Be cautious with API integrations - Only integrate trusted third-party applications with your Insightly account. Review permission requests carefully and revoke access for unused integrations.
• Enable session timeout settings - Configure automatic logout after periods of inactivity (ideally 15-30 minutes) to prevent unauthorized access from unattended devices.
• Keep devices secure - Install and regularly update antivirus software. Keep your operating system and browsers updated. Never access Insightly on public computers or unsecured public Wi-Fi networks.
• Educate your team - Train employees on security best practices, phishing awareness, and safe data handling procedures. Consider bringing in security experts from OCD Tech to conduct specialized CRM security training sessions.
• Use secure email practices - Be cautious with email communications containing Insightly data. Avoid sending sensitive information via email, and never share login credentials through email.
• Back up your data regularly - Export and securely store your Insightly data on a regular schedule. This ensures business continuity in case of data loss or security incidents.
• Monitor for suspicious activities - Regularly check for unusual login attempts, unexpected permission changes, or abnormal data access patterns in your Insightly account logs.
• Create a security incident response plan - Develop clear procedures for handling potential security breaches, including who to contact and what immediate actions to take.

Implementing these security measures will significantly reduce your risk of data breaches and unauthorized access to your valuable Insightly CRM data. For organizations handling particularly sensitive information, working with specialized security consultants like OCD Tech can provide an additional layer of protection through customized security assessments and recommendations.