fbpx

Whose Account Is It Anyway? Securing your organization with Multi-Factor Authentication

9 minute read
Share this:
By TJ Lundeen
Sales & Marketing Specialist

When you leave your home or office for an extended period of time, you make sure the door is locked, often with multiple locks. Why should your accounts that protect valuable business data be any different?

Using a traditional username and password combination is no longer a sufficient security measure to keep intruders out of your accounts.

With data breaches exposing nearly 8 billion records per year, odds are the go-to password that you recycle for all of your login accounts has been compromised.

Cyber criminals are using those compromised passwords to create credential stuffing attacks, attempting to access other accounts using previously compromised information.

So, how can you keep your data secure? Enter multi-factor authentication (MFA).

What is multi-factor authentication?

Multi-factor authentication is a process of authentication the requires more than just a username and password. Multi-factor authentication options can include:

Passcode

A numeric code such as a personal identification number (PIN).

Security questions

A pre-defined set of questions and answers to confirm the identity

E-mail

Sending an e-mail with a verification link to a trusted account

Phone call

A pre-registered number receives a phone call with a voice prompt for authentication

Text message

Authentication is granted with a one-time passcode to a mobile phone

Soft tokens

Software creates a one-time passcode usually sent to a mobile application on a smartphone

Hardware tokens

Small physical devices that generate an authentication method

Biometrics

Fingerprint readers or retina scanners

Why should I use multi-factor authentication?

The short of it: Multi-factor authentication can help prevent cyberattacks that will cost you or your company big-time money due to breach recovery, ransomware, or lost data.

The long version: Following an appropriate password protocol, with length requirements, special characters, and a unique password that is frequently changed is a hassle. Often, users won’t follow these protocols, leaving your networks and their data exposed to hackers.

Multi-factor authentication reduces the risk of compromised passwords by adding another layer of protection to accounts.

Going further than just account verification, MFA can be implemented in an adaptive manner, where the risk associated with a user and factors around a login can be used to determine the appropriate level of scrutiny needed.

For example, if a user is logging in on their company laptop on the company’s Wi-Fi network, adaptive MFA may choose to only require one step for verification. The same user could log in from a restaurant down the street and have to go through the full process of MFA because the location or network is untrusted.

81%

Poor password practices account for the majority (81%) of company data breaches. Even though 91% of employees know reusing passwords is bad, 72% admit to reusing passwords anyway. The only solution to this is the creation and enforcement of stringent password policies throughout your organization.

Shouldn’t Multi-Factor Authentication be the standard?

Yes! Multi-factor authentication is considered a cybersecurity industry best practice and it should be in place at more businesses because of the uncertainty of today’s security landscape.

While nearly two-thirds of organizations report using MFA to some extent, the top reason it isn’t deployed more extensively is based on a lack of knowledge about which assets require additional levels of authentication.

Other companies have been slow to implement MFA over the perception that it slows productivity when it actually helps create a culture of cybersecurity that can improve overall productivity while protecting key data and assets from hackers.

In addition, implementing MFA can help get your organization more involved in cybersecurity, as users who receive authentication notifications, but aren’t currently attempting to access an account, can help to identify and prevent cyber threats.

cross
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram