
What Is MFA and Why Does Your Business Need It?

Most business owners assume their passwords are doing the job. They’re not.

Passwords alone are no longer enough to protect your accounts. Attackers know this. They buy stolen credentials in bulk, run automated login attempts at scale, and get in without ever needing to guess. If your team is logging into Microsoft 365, your email, or your cloud systems with just a username and password, you have a serious gap in your security right now.

Multi-factor authentication (MFA) closes that gap. It is one of the most impactful things you can do for your business security, and it costs nothing to switch on.

What is MFA?

MFA means requiring more than one form of verification before someone can access an account. Instead of just entering a password, the user also has to prove they are who they say they are through a second factor.

Authentication factors fall into three categories: something you know (a password or PIN), something you have (your phone or a hardware security key), and something you are (a fingerprint or face scan). A password is already something you know, so the second factor should come from a different category, which in practice means something you have or something you are. Printed backup codes count as something you have, but they are a recovery fallback for when the usual second factor is unavailable, not a substitute for it.

In practice, for most businesses this means: enter your password, then enter a six-digit code from an authenticator app on your phone. If someone steals your password, they still cannot get in without your phone. It is that straightforward.

Why does it matter?

Credential theft is the most common way businesses get compromised. Phishing emails, data breaches at third-party services, password reuse across personal and work accounts — all of these can hand an attacker a working username and password. Without MFA, that is all they need.

With MFA, a stolen password on its own is not enough. For the bulk, automated attacks described above, that is the end of the story: the attacker has the password but no second factor, and moves on. A targeted attacker can still try to trick a user into typing a one-time code into a fake login page, or into approving a push notification for a login they did not start, so staff should be told never to approve a prompt they did not trigger themselves. Even so, MFA stops the vast majority of account takeovers dead.

The National Cyber Security Centre is clear on this: MFA is one of the most effective controls available to any organisation. It is also required for Cyber Essentials certification, where the user access control requirement mandates MFA for accounts on cloud services. If you are aiming for that, MFA is non-negotiable.

Which accounts need MFA?

The short answer is all of them. But if you need to prioritise, start here.

Your Microsoft 365 or Google Workspace accounts are the highest priority. Email is the master key to everything else. If an attacker gets into your email, they can reset passwords for every other service linked to that address.

Any cloud-based business systems come next. CRM platforms, accounting software, project management tools. Anything accessible from a browser is accessible to an attacker if the credentials are compromised.

Remote access and VPN logins are also critical. These are often targeted specifically because they provide a route straight into your network.

What about the inconvenience?

It is real, but minimal once people are set up. Logging in takes an extra ten seconds. That is the trade-off for dramatically reducing your exposure to account takeover.

Modern authenticator apps like Microsoft Authenticator make it as painless as possible. You can also configure trusted devices and locations so staff are only prompted for MFA when logging in from somewhere new. Whatever exemptions you allow for convenience, do not apply them to administrator accounts; those should be prompted every time. The friction largely disappears after the first week.

The more relevant question is what the inconvenience of a breach looks like. Locked-out systems, lost data, potential regulatory fines, and the time it takes to recover are considerably worse than an extra step at login.

How do you turn it on?

For Microsoft 365, MFA is managed through the Microsoft Entra admin centre. On every plan, including Business Basic, you can turn on security defaults, which require MFA for all users at no extra cost. Conditional access policies, which let you require MFA per application, trust known devices and locations, and block risky sign-ins, need an Entra ID P1 licence, which is included in Business Premium. Sign-in activity can be monitored from the same admin centre either way.

For Google Workspace, it is in the Admin console under Security, then Authentication, then 2-Step Verification, where you can allow it and then enforce it for everyone. Same principle.

For other services, check the security or account settings. Most modern platforms support MFA and often label it as two-factor authentication (2FA). The terminology varies but the principle is identical.

Your IT provider should be rolling this out as standard. If they have not raised it with you, that is worth asking about.

One common mistake

Avoid SMS-based MFA if you can. Receiving a code by text message is better than nothing, but an attacker who takes over your phone number through a SIM-swapping attack receives your codes instead of you. An authenticator app is more secure and just as convenient. If you are setting MFA up from scratch, go straight to an app, and for administrator accounts consider a hardware security key or passkey, which cannot be phished because there is no code to type into a fake login page.
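The Microsoft 365 checks described above can be done from a PowerShell session rather than by clicking through the Entra admin centre. The script below is an added example written for this article; it is not a script from any IT provider or from Microsoft. It uses the Microsoft Graph PowerShell SDK to list every enabled member account that has no second factor registered, or has SMS as its only second factor, and then shows how to create a Conditional Access policy requiring MFA for everyone, in report-only mode so you can review its effect in the sign-in logs before enforcing it. It assumes the Microsoft.Graph module is installed, that the signed-in administrator can consent to the listed scopes, that your tenant has Entra ID P1 (included in Business Premium) for the Conditional Access part, and that you fill in the placeholder object ID of your own emergency-access account.

```powershell
# Added example, not from the original article: audit MFA coverage in a Microsoft 365
# tenant and stage a report-only "require MFA" Conditional Access policy.
# Assumptions: Microsoft.Graph module installed (Install-Module Microsoft.Graph),
# an admin able to consent to these scopes, Entra ID P1 for the policy part.
Connect-MgGraph -Scopes 'User.Read.All', 'UserAuthenticationMethod.Read.All', 'Policy.ReadWrite.ConditionalAccess'

# Graph tags each registered method with an @odata.type. Only these count as a second
# factor here; password, email and Temporary Access Pass are deliberately left out.
$SecondFactorTypes = @{
    '#microsoft.graph.microsoftAuthenticatorAuthenticationMethod'  = 'app'
    '#microsoft.graph.softwareOathAuthenticationMethod'            = 'app'
    '#microsoft.graph.fido2AuthenticationMethod'                   = 'key'
    '#microsoft.graph.windowsHelloForBusinessAuthenticationMethod' = 'key'
    '#microsoft.graph.phoneAuthenticationMethod'                   = 'sms'   # SMS or voice call
}

function Get-MfaCoverage {
    # One row per enabled member account: NO-MFA, SMS-ONLY, or OK.
    foreach ($u in Get-MgUser -All -Property 'id,userPrincipalName,accountEnabled,userType') {
        # Skip disabled accounts and external guests; they are audited separately.
        if (-not $u.AccountEnabled -or $u.UserType -ne 'Member') { continue }

        $methods = Get-MgUserAuthenticationMethod -UserId $u.Id
        $kinds = @($methods |
            ForEach-Object { $SecondFactorTypes[$_.AdditionalProperties['@odata.type']] } |
            Where-Object { $_ } |
            Sort-Object -Unique)

        $status = if ($kinds.Count -eq 0) { 'NO-MFA' }
                  elseif ($kinds.Count -eq 1 -and $kinds[0] -eq 'sms') { 'SMS-ONLY' }
                  else { 'OK' }

        [pscustomobject]@{
            User    = $u.UserPrincipalName
            Status  = $status
            Methods = ($kinds -join ',')
        }
    }
}

function New-RequireMfaReportOnlyPolicy {
    # Requires MFA for all users on all cloud apps, excluding the emergency-access
    # ("break glass") accounts so a misconfiguration cannot lock every admin out.
    param([Parameter(Mandatory)][string[]]$BreakGlassUserIds)

    $policy = @{
        displayName   = 'Require MFA for all users (report-only)'
        # Report-only: evaluated and logged on every sign-in, but not enforced yet.
        state         = 'enabledForReportingButNotEnforced'
        conditions    = @{
            applications = @{ includeApplications = @('All') }
            users        = @{ includeUsers = @('All'); excludeUsers = $BreakGlassUserIds }
        }
        grantControls = @{ operator = 'OR'; builtInControls = @('mfa') }
    }
    New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
}

# 1. Find the gaps: accounts with nothing registered, or SMS only.
$coverage = Get-MfaCoverage
$coverage | Sort-Object Status, User | Format-Table -AutoSize
$coverage | Where-Object Status -ne 'OK' | Export-Csv -Path '.\mfa-gaps.csv' -NoTypeInformation

# 2. Stage enforcement. Replace the placeholder with the object ID of your own
#    emergency-access account (assumption: you have one); switch the policy to
#    'enabled' in the admin centre once the report-only results look right.
# New-RequireMfaReportOnlyPolicy -BreakGlassUserIds @('<object-id-of-break-glass-account>')
```

Run the audit first and fix the NO-MFA and SMS-ONLY rows (register an authenticator app, or a security key for administrators) before turning the policy from report-only to enabled, otherwise the people who have not registered yet are locked out on their next sign-in.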


Not sure if MFA is switched on across your business?

It is more common than you would think for MFA to be partially configured — switched on for some accounts but missed on others. Our free IT audit covers exactly this. We will check your current setup, identify any gaps, and tell you plainly what needs doing.

Get in touch to book a free IT audit, or call us to arrange one.
