We have spoken about MFA briefly in some of our other articles, and for good reason. Multi-Factor Authentication or MFA, is the security protocol that requires more than one different types of security authentication. This means, in practice, that you need not only a username/password combination, but also something else, like a biometric scan, or access to an email or mobile phone. This method of security ensures that there is no single point of failure and therefore, a significantly more sophisticated security in place for whatever is being protected. Microsoft estimates that MFA has a security effectiveness of over 99.9%.
Passwords are a surprisingly poor protection, when used alone. The techniques that attackers use to obtain passwords are sophisticated and only have to catch out a single user in an entire organization. Phishing attacks, designed to trick people into giving out their passwords freely; password spraying, where commonly used passwords are tried on all accounts in a system; and credential stuffing, where attackers use breached account information from data leaks on other sites and use them against accounts held in the same name hoping that passwords have been reused. With just these three simple, common methods, you can see that the chances of nobody in an organization falling victim to just one of these attacks is quite slim. This is where MFA comes in. When additional authentication checks are required on top of a password, it brings the risk of breach very close to zero, which is what you want.
What to consider?
The implementation of MFA requires the use of a technological method of authentication. Most commonly used at the moment is through a smartphone app or via text. Products such as Office 365 have built in MFA which allow the easy use of mobile applications for MFA purposes.
Unfortunately, the implementation of MFA requires users to perform an additional step to log on to any services that require MFA. This can be a point of resistance from users and creates a requirement for good security education in an organization to ensure that users understand the importance of MFA and other security requirements in an organization.
We believe that due to this, the best practice is to enable MFA on all devices and services that require enhanced security and what’s more, we believe that the creation of a “Human Firewall” to be incredibly useful. A Human Firewall is the commitment of employees to follow security principles and to unsure a strong security culture in an environment. You can help this by training your employees and colleagues to use good security practices like MFA in the personal lives, like on Gmail. This will have the joint benefit of supporting a solid, ingrained security culture inside and outside of the business.
If you wish to enhance your Cyber Security training, or need help with building a good security culture, contact us below and our team of experienced security experts will be happy to help.
Solution: Speak to GB3s Security Team
Contact Us: Here to help