Multi-Factor Authentication - a necessity, not a luxury
30th January 2020
For the purposes of this blog there are two kinds of businesses. Those that have had a breach and those that haven’t. It’s a fair assumption that those who have will have implemented MFA – and if not – why not? It’s an equally fair assumption that most of those businesses that haven’t had a breach won’t have implemented MFA.
This is a mistake. Would you choose a bank that didn’t offer MFA for your online banking?
Multi-Factor Authentication, as you’ll recognise from banking, requires you to know more than a single (potentially weak) password. An authentication app or a hardware token that gives you another piece of information needed to log in for example.
MFA through an app is also more secure than authentication via SMS, as text messages can be hacked. In addition, there are places in the UK without mobile reception which makes authenticating by SMS a challenge
Multi-Factor authentication can add an additional layer of protection for your business in the following ways:
- Protects employee logons
Year after year the most popular passwords are published, and they remain stubbornly weak. With over 80% of all data breeches down to stolen passwords, closing this weakness should be a priority for all organisations. Has your email been compromised – you can check here.
- Secure a VPN
A VPN is a secure way to log into a network from a remote location, but it is only as secure as the log in credentials. It is reasonable to suspect many people will have ones that are vulnerable.
- Secure Cloud Applications
Businesses are increasingly using cloud applications – Office 365 for example. Office 365 accounts are increasingly being targeted by hackers.
- Set up an SSO portal
Single Sign on portals can be an excellent way of controlling access to a variety of passwords and ensuring individuals can’t change device passwords (for example). However, as with every example if the SSO portal has a weak password it introduces a strong vulnerability to the business. MFA is essential.
- Be compliant
Should you be unlucky enough to have a breach if you have taken all the steps you could possibly take, your penalty will be a lot less severe than when compared to organisations that haven’t. MFA is one of the core steps you should implement.
West Midlands, Telford based Connexis Limited is a WatchGuard AuthPoint partner and can give you advice and quotes for your Multi Authentication needs. Contact us on 01952 528000.Back To News & Blog