Your phone pinging when you accessed your emails started as a novelty, but now Multi Factor Authentication (MFA) has become a standard and important part of most cyber security systems.
MFA requires a user to confirm their identity via two or more forms of verification. Until this is authenticated, they will not be able to access the app, network, or website they are trying to reach.
Set policies will govern the use of MFA, meaning it may not be necessary to authenticate every time. A change in the device attempting access or the request coming from a new geographical location, or log in behaviour such as accessing in the middle of the night, could trigger the verification process dependent on the policies set.
There are several reasons MFA is important, not least that employees still use weak passwords. Whilst this can be prevented internally by ensuring passwords meet a certain criterion, external websites used for working purposes may not have the same secure procedures in place. Having your password stolen through phishing emails, social engineering, SMS scams or other cyber-crime tactics is mitigated by MFA.
Organisations will implement various layers of security, however, should a password be hacked, these are often rendered redundant. Should an account be compromised, firewalls and anti-virus systems are breached as genuine login credentials are used by a cyber-criminal. This gives the hacker access to manipulate or destroy files and system, as well as the ability to communicate with other employees or customers posing as the individual.
In our last blog, we talked about a passwordless future. MFA allows for this using mobile verification via call or text, FIDO keys (USB Authentication), and bio-metric authentication methods including fingerprint, facial or even retinal recognition.
Other benefits include an increase in productivity, as we eliminate the need to remember passwords, use a password manager, or administer password resets.
MFA helps certain industries stay compliant where the security surrounding confidential data is regulated. It protects a business that allows logins from personal devices, adding protection between any potential threats on the device, and the company policies.
MFA is one of the simplest but most effective forms of cyber security. Our Cobweb Secure security bundles enable MFA at every level to help keep your business protected.
To find out more about Cobweb Secure as well as our managed service offering: Cobweb Secure – UK Cloud Solutions Provider, Microsoft CSP & Office 365 | Cobweb