September 8, 2020
Misconfigurations of multi-factor authentication (MFA) — or even simply not making use of MFA at all — is currently the largest hole in the already thin shield that keeps your remote workforces secure. Why is MFA especially important for remote workers? In today’s blog, we outline the reasons for setting it up immediately.
What is MFA?
Multi-factor authentication simply refers to the process of utilizing multiple authentication requests when a user logs into any given system. For example, someone who wants to log in will need more than just a username and password. Often, they will also have to provide a code sent to them via text message or email. A process that requires only two steps such as these is known as two-factor authentication, or 2FA. MFA is a catch-all term that includes 2FA as well as any process that requires three or more steps. Additional factors of authorization could include fingerprint identification, facial recognition, voice recognition, pin numbers, a security token or any number of additional methods for proving that you are who you say you are.
Why is MFA important?
By themselves, username and passwords are no longer sufficient to protect accounts with sensitive information. Between password decryption utilities, that are now available to literally anyone on the internet, social engineering fraud, phishing campaigns and a plethora of other methods used to obtain someone’s password, having this singular layer of account protection simply isn’t enough. And now, as more organizations are relying increasingly on remote workers to tow the line, cyber vulnerability is at an all-time high. But by using multi-factor authentication, you can protect these accounts with additional layers of security, thus reducing the risk of online fraud, identity theft and enterprise-wide data breaches. It’s not a panacea, but at the very least it can protect you from the majority of cybercriminals who give up after the first attempt to move on to easier targets at a faster pace — those targets who are only using passwords without any additional confirmations.
How do you configure MFA?
The method for setting up multi-factor authentication varies according to the platform you’re configuring it for. Microsoft 365 for example has its own suite of configuration options and has its own tutorial for setting up MFA. Other platforms such as Amazon Web Services have their own set of instructions. Ideally, you want to set up a form of MFA on any application or service that requires a login of any kind. Each one will have its own process involved. Most will be similar, but not all are immediately apparent. We suggest either looking up the process for the platform in question, or — even better — simply contact us to set it up for you on every application that needs it. The latter option is the most ideal as it can save you a lot of time, as well as ensure that all of your security settings are configured exactly how they should be.
It’s unfortunate, but things just aren’t as simple as they once were. A single, lone password cannot be the only thing standing between your entire organization and a group of cybercriminals who are taking full advantage of this year’s chaos to steal from you. It only takes an extra couple of steps to protect your remote workers and your business from the worst of it.