Due to current CDC regulations surrounding COVID-19, area employers are requiring employees to work remotely. In doing so, we've potentially opened ourselves to new vulnerabilities, and there are a lot of threat actors just waiting to take advantage of them. One option to help mitigate some of this risk is deploying multi-factor authentication.
What is multi-factor authentication?
Multi-factor authentication (MFA), also referred to as two-factor authentication, is a security enhancement that requires a user to provide additional pieces of evidence before logging into an account. Ultimately, MFA helps prevent unauthorized access to the protected account if your credentials become compromised.
Why is multi-factor authentication critical to protecting us?
Aside from the most recent events forcing many to work from home, we’ve been living in a technological world where passwords alone are no longer a sufficient means to protect our valued information.
A password by itself is a single form of authentication – if someone else has your login name and password, they potentially have access to all resources that the specific account has access to.
Let’s take email, for example. We see email as the primary means of communication with external parties, and sensitive data is often exchanged in those emails. Unfortunately, we’ve seen a large increase in email account password compromises over the last 12 months, and without proper security, the number will continue to climb.
According to Microsoft’s blog, enabling MFA can reduce account compromise by up to 99.9 percent, bringing the chance of stolen credentials down to almost zero.
- 81% of breaches are caused by credential theft.
- 73% of passwords are duplicates.
- 50% of employees use unapproved apps.
By leveraging MFA technology, you add account security that protects every employee from compromised credentials. (This protects not only your users, but organizational data as well.)
Implementing multi-factor authentication
Implementation can be done in a variety of ways, depending on the technology you're using. For example, we've seen successes with Office 365 and Microsoft 365, G Suite, and Microsoft Azure, but don’t think MFA should be limited to these. Consider other applications, both internal and cloud-hosted, that you could protect as well.
A variety of brands provide MFA solutions, so it is vital to understand which are the most conducive to your technology stack and, more importantly, to your end users. Ask yourself: Will this solution be complicated for my employees to use? Most users understand the need for additional levels of security; however, choosing a method that impacts them the least (while providing acceptable levels of security) is important for adoption.
Finally, before moving forward with an implementation, make sure you have a plan and you’ve communicated it to those impacted. This will be a change for most users, and the more you communicate the changes, the smoother the transition will be for them.