Security Lockdown: The Importance of Multi-Factor Authentication (MFA)

By February 10, 2020 Security
The Importance of Multi-Factor Authentication (MFA)

You may have noticed that recently a lot of your accounts are now requiring multiple methods of verifying your identity when you login. No longer do you just enter your username and password to get into your email, your cloud apps, or your accounting system. You now also need to input a short code that is texted to you, generated by an app, or emailed. In some cases, you might be getting verification phone calls, using a smart card, or entering biometric data like a fingerprint.

What is this? This is multi-factor authentication (MFA). MFA consist of three things that when combined verify someone’s identity. This is often summarized as “something you know, something you have, and something you are” (for example, a combination of username, password, tokens, and/or biometrics).

It may seem like a hassle, especially when you’re setting up these multiple verification methods, or if you need to run to find your cell phone for that text message code. MFA really is not convenient, especially if it’s poorly designed. But it’s making your accounts even securer by requiring multiple pieces of information or identification from you. This lessens the likelihood that someone will have all the pieces of data they need to hack an account.

A hacker may have your username and a list of your commonly used passwords, but if they don’t have the third or fourth verification steps, they’ll be stopped in their tracks. And this is a very good reason to not be afraid of using MFA!

Why is multi-factor authentication a big deal?

MFA can stop many common brute force attacks and phishing attempts. All it takes is a hacker to compromise a single email account in your organization. Suddenly coworkers start receiving legitimate-looking emails from a person they trust asking for sensitive information. Then the entire organization can be compromised.

But by enabling MFA, email accounts on services like Office 365 are much more secure and difficult to hack. (In 2019, Microsoft started rolling out mandatory multi-factor authentication in Office 365 to certain organizations and partner accounts. They know how essential MFA is, and they’re going to make it a default.)

The reality is that many traditional cybersecurity measures can be compromised without MFA. Anti-virus software, firewalls, encryption tools, network monitoring solutions, and more can all be bypassed if hackers compromise them and gain credentials to privileged user accounts. MFA is a beautifully simple solution to lock down accounts even further. And it’s often not that hard to roll out either.

Reasons why MFA Rocks

So what are some quick reasons why multi-factor authentication is so important?

  1. Identity theft is easy, and it’s a growing threat to all businesses. MFA makes identity theft harder.
  2. Weak or stolen credentials are hackers’ go-to method in a majority of attacks. MFA beefs up the strength of credentials considerably. It also makes stolen passwords less fruitful for hackers.
  3. Small businesses are being targeted at a growing rate by cyber attackers. New security measures are not for enterprise-class organizations only. MFA is simple and relatively easy for small organizations to roll out.
  4. Other cybersecurity tools and solutions, like anti-virus and firewalls, are only as strong as their user authentication procedures. MFA can make your existing perimeter security stronger.
  5. High-ranking employees and highly privileged user accounts are a hot target for hackers. MFA can be used specifically for administrative and executive accounts to protect them.
  6. Cybercrime is about more than just stealing data. With MFA, you’re also attempting to stop attackers from destroying data, changing programs, and using your accounts to transmit propaganda, spam, or malicious code.
  7. MFA is already becoming ubiquitous. People are accustomed to authentication procedures in their personal as well as professional lives. Social media, banking, gaming, and email platforms have all rapidly adopted MFA. Bringing it into your workplace is a no-brainer.

Questions?

Do you have questions about how to enable MFA for your network, apps, and services? Start today! You can contact one of OXEN’s experts by emailing us at hello@oxen.tech or calling 888.296.3619.


Recent Posts / View All Posts

IT Leadership | Shared CIO

You Need IT Leadership

| Consulting, Leadership | No Comments
Missouri is just beginning to emerge from its stay-at-home order in response to the pandemic threat. Who ever imagined that pandemic planning policies would become a reality? What was once regarded as a threat with low probability of occurrence will likely become a much higher probability as we navigate through the coming years. The realization of this threat has certainly changed the way we view ourselves and the world around us. It has sensitized us to our newfound vulnerability. This month, I am writing to you from the Joplin, MO office of OXEN Technology. Considering our present circumstances, our physical…
Tech Tip Background

Office 365 Tip: Create a file request in OneDrive

| Office 365, Tech Tip | No Comments
If you need to obtain files from various people, you can use OneDrive to create a file request that allows others to upload documents directly to a folder you specify. This gives people a quick way to transfer files to you without giving them view or edit permissions to your OneDrive folder. Here’s how! Note: This feature is not available in Office 365 Government. For file requests to work, your Office 365 administrator must enable Anyone links in OneDrive. Requesting Files Using OneDrive Online, select the folder where you want others to upload their files. Click Request files on the…
Virtual Private Network

What is a VPN and do you need one to work from home?

| Security | No Comments
Since businesses started shifting to remote work due to COVID-19, OXEN has seen a sizeable uptick in requests for purchasing and implementing VPNs for at-home workers. You’ve probably seen that a Virtual Private Network (VPN) connection is often recommended for securely working from home while accessing company resources. So what’s a VPN for in this context, and do you need one? If you’re a business manager, do you need a VPN connection for every employee who’s now working from home? Read on for our tips. What Is a Virtual Private Network? VPN stands for “Virtual Private Network”. It creates a…