Security Lockdown: The Importance of Multi-Factor Authentication (MFA)

By February 10, 2020 Security
The Importance of Multi-Factor Authentication (MFA)

You may have noticed that recently a lot of your accounts are now requiring multiple methods of verifying your identity when you login. No longer do you just enter your username and password to get into your email, your cloud apps, or your accounting system. You now also need to input a short code that is texted to you, generated by an app, or emailed. In some cases, you might be getting verification phone calls, using a smart card, or entering biometric data like a fingerprint.

What is this? This is multi-factor authentication (MFA). MFA consist of three things that when combined verify someone’s identity. This is often summarized as “something you know, something you have, and something you are” (for example, a combination of username, password, tokens, and/or biometrics).

It may seem like a hassle, especially when you’re setting up these multiple verification methods, or if you need to run to find your cell phone for that text message code. MFA really is not convenient, especially if it’s poorly designed. But it’s making your accounts even securer by requiring multiple pieces of information or identification from you. This lessens the likelihood that someone will have all the pieces of data they need to hack an account.

A hacker may have your username and a list of your commonly used passwords, but if they don’t have the third or fourth verification steps, they’ll be stopped in their tracks. And this is a very good reason to not be afraid of using MFA!

Why is multi-factor authentication a big deal?

MFA can stop many common brute force attacks and phishing attempts. All it takes is a hacker to compromise a single email account in your organization. Suddenly coworkers start receiving legitimate-looking emails from a person they trust asking for sensitive information. Then the entire organization can be compromised.

But by enabling MFA, email accounts on services like Office 365 are much more secure and difficult to hack. (In 2019, Microsoft started rolling out mandatory multi-factor authentication in Office 365 to certain organizations and partner accounts. They know how essential MFA is, and they’re going to make it a default.)

The reality is that many traditional cybersecurity measures can be compromised without MFA. Anti-virus software, firewalls, encryption tools, network monitoring solutions, and more can all be bypassed if hackers compromise them and gain credentials to privileged user accounts. MFA is a beautifully simple solution to lock down accounts even further. And it’s often not that hard to roll out either.

Reasons why MFA Rocks

So what are some quick reasons why multi-factor authentication is so important?

  1. Identity theft is easy, and it’s a growing threat to all businesses. MFA makes identity theft harder.
  2. Weak or stolen credentials are hackers’ go-to method in a majority of attacks. MFA beefs up the strength of credentials considerably. It also makes stolen passwords less fruitful for hackers.
  3. Small businesses are being targeted at a growing rate by cyber attackers. New security measures are not for enterprise-class organizations only. MFA is simple and relatively easy for small organizations to roll out.
  4. Other cybersecurity tools and solutions, like anti-virus and firewalls, are only as strong as their user authentication procedures. MFA can make your existing perimeter security stronger.
  5. High-ranking employees and highly privileged user accounts are a hot target for hackers. MFA can be used specifically for administrative and executive accounts to protect them.
  6. Cybercrime is about more than just stealing data. With MFA, you’re also attempting to stop attackers from destroying data, changing programs, and using your accounts to transmit propaganda, spam, or malicious code.
  7. MFA is already becoming ubiquitous. People are accustomed to authentication procedures in their personal as well as professional lives. Social media, banking, gaming, and email platforms have all rapidly adopted MFA. Bringing it into your workplace is a no-brainer.

Questions?

Do you have questions about how to enable MFA for your network, apps, and services? Start today! You can contact one of OXEN’s experts by emailing us at hello@oxen.tech or calling 888.296.3619.


Recent Posts / View All Posts

Cybersecurity during COVID-19

Feeling the COVID-19 Panic? Don’t Forget Your Cybersecurity

| Leadership, Security | No Comments
Attackers Are Taking Advantage of Unprecedented Changes What we’re witnessing today with the COVID-19 pandemic is unprecedented. Local governments are banning large gatherings. Many businesses and institutions are forced to close or adjust work schedules. Organizations that can are moving their employees to reduced hours or remote work. This means many people are now working from home for the first time and encountering issues with connectivity and access to company networks and data. The social isolation, uncertainty, and distractions cause anxiety and mistakes. On top of all of this, cyber attackers are already trying to take advantage of a world…

An Update from OXEN Technology

| Announcements | No Comments
To all our valued clients Much has changed across the country and across the world in the past few weeks. We want to let you know how OXEN has adapted to the COVID-19 pandemic and what precautions we are taking, while also serving you remotely. Do you need help with remote work? First and foremost, we know many organizations and businesses are taking quick action to set up remote workers and work-from-home policies. Many of your employees are working remotely for the first time and experiencing the technical hurdles that come with that transition. If you are having any problems…
Managed IT Services

3 Signs You Need Managed Services

| Managed Services | No Comments
If you've researched methods of taking care of your IT needs, you've probably come across "managed services" or "managed IT services". What is it—and do you need it? "Managed services" can be generally defined as "outsourcing day-to-day management responsibilities for improving operations and cutting expenses."1 When it comes to technology, managed services is, more specifically, the outsourcing of continual monitoring and day-to-day administrative duties of your IT infrastructure. How do you know if you could benefit from managed services? The best way to determine if you'll cut costs is to know what you are currently paying for your IT's upkeep—and…