
5 reasons multi factor authentication (MFA) should be part of your security

August 11, 2021

Multi Factor Authentication (MFA) is one of the most powerful tools you can use to stop cybercriminals in their tracks. With MFA in place, a stolen password doesn’t have to leave your defences wide open to an intruder who wants to access your systems to steal data, extract funds or execute some other kind of attack, writes Kurt Hansen, co-CEO of Tesserent.

MFA means that in order to log into a system, you need to provide more than one piece of information. For example, when you log into internet banking you need to enter a password. That password is a factor. With MFA you need to enter something else. This is why many banks now use one-time codes sent by SMS to verify your identity. That code you receive over SMS is another authentication factor.

A simple way to think about MFA is that logging in requires something you know, such as a password, and something you have like a phone that can receive or generate a unique code. Even if someone knows your password, the risk of them having your phone is very small so they won’t be able to access your account. We see MFA in many other places today. Social media sites use MFA as do many cloud services like Microsoft 365, Google Docs and apps like Salesforce and Xero.

MFA had a reputation for making life harder for businesses, but that’s changed significantly. Today’s MFA tools allow organisations to choose from a variety of different options that make using a second authentication factor easy. For example, many banks send a single-use code to the registered mobile phone of an authorised user. And many online services take advantage of platforms such as Microsoft and Google that provide smartphone apps that generate authentication codes that are refreshed every minute.


Here are five tips to use MFA to secure your business and your customers

1. Start with user education

Before deploying an MFA tool, talk to your staff and explain the risk you are trying to mitigate. Make it clear that the MFA tool you choose will offer flexibility in the way they log in so they won’t be inconvenienced. A good way to highlight the benefits is to show how MFA is being used in platforms they are familiar with like online banking and social media accounts. Don’t focus on the technology – discuss the risks and highlight the benefits for them and your organisation.

2. Choose a flexible MFA platform

Choosing an MFA platform that gives users choice over what second authentication factor they use is a powerful way of increasing user acceptance. For some, depending on their mobile device, using a biometric measure such as facial recognition or a fingerprint is convenient, while others might prefer a one-time code sent to them via SMS.

Also, allowing users to have two second factors they can use ensures that if they lose access to one, they are not shut out of systems. For example, if they lose their smartphone, they can get a new SIM card in a new phone and revert to SMS until their MFA app is reinstalled and configured.

3. Prioritise your deployment 

Rather than trying to deploy MFA to every user in a big bang approach, start with a smaller group of important user accounts. For example, start with users who have administrative access to systems. These accounts are high priority targets for cybercriminals as they are master keys to critical systems. As well as ensuring your most critical accounts are protected, working with a relatively small group of accounts means you can refine your technical deployment and education approach before scaling across the organisation.


4. Don’t forget remote users

Not everyone will have network or cellular access all the time. While we often think of rural areas being where access is more limited, there are connectivity blackspots in urban areas. Ensure you choose an MFA solution that supports users when they don’t have access to mobile data communications. Make sure that your deployment and support processes are designed to meet the needs of all staff regardless of their location.

5. Monitor, reflect and refine

A successful deployment is just the start of your MFA journey. As well as monitoring systems to ensure everything is working correctly from a technology perspective, talk to users and ask them what works best for them. Use what you learn to refine your approach and streamline the operation of MFA. In particular ask how replacing lost or damaged devices works, whether they need to re-enter their MFA credentials and whether usability has been compromised. Look for opportunities to optimise MFA so that users see the benefits and embrace MFA as a more secure way to protect your organisation’s assets.

Almost every cybersecurity incident starts with an attacker gaining access to a user account. In many cases, this happens when they either guess a weak password or use stolen credentials. MFA means that a compromised password is not the end of the world and your business and its customers are protected.
