Hacking concerns if sending a PUSH to email with 2FA enabled.
We do have some customers or users who are concerned that, if they PUSH a request to an email and send it with 2FA enabled, if the email gets hacked then the hacker can access the documents.
Botdoc is a real-time, ad-hoc (solution for a specific purpose or goal), just-in-time, technology!
If we think about two-step authentication from the portal or secure email side of things, if someone were to obtain that pin, it puts the individual at risk because at any point in time (if they get hacked), the hacker can access that person's account, giving them the ability to see all those docs, change their password, etc.
With Botdoc, the push sessions are only open for 14 days, or less in some cases. So, after those two weeks, that code won't work to open that container. Another great point is a hacker is most likely only going to be looking at files or attachments. Given the Botdoc link is just the communication link, it's not a high-risk item as they may not know what the link is.
We also can activate MFA on the P2 if it becomes a requirement of the organization.