2FA helps to secure any online system requiring user names and passwords by adding a second layer of protection. You might not think two factor authentication is needed to protect resources within your organization. However, you would be surprised as to how much unauthorized access occurs right within your business operation. For example, one of your managers is away from the office on business, but left their computer on in their office. As a result, their administrative assistant, or anyone, for that matter, can go into their office, sit down at their desk and have access to email, saved files, applications and anything else your manager does. Another problem you may have to deal with is if this manager has signature authority to approve time cards, purchase orders and other expenses. Just because they are out of the office, does not mean it will not stop their administrative assistant from approving these items in their absence.
Another issue for many organizations not using 2FA is when employees share their user names and passwords with one another. How many times have you overheard one employee telling another their log-on credentials, to access the internet or open an application the other employee may not be authorized to use? Two factor authentication resolves these issues, because not only do your employees need to supply their user name and password, but also a second form of authentication, in the form of a digital certificate. Without this second piece, access is denied and stops unauthorized access.