When it comes to cyber security, protecting your domain accounts from unauthorised access is crucial. Multi-factor authentication (MFA) is a simple but effective measure that can help to protect your business from cyber attacks.
Multi-factor authentication requires users to provide additional identity verification through a passcode, security question, or biometric recognition. MFA has been shown to be so effective that, according to Microsoft, 99.9 percent of attacks can be prevented by enabling multi-factor authentication.
For IT departments, MFA is an ideal measure to put in place, as it adds another layer of security to sensitive data and deters hackers looking for easy targets, whilst remaining easy for staff to use. Here, we’ll go over how multi-factor authentication works, different MFA types and how MFA can protect your business.
How does multi-factor authentication work?
Multi-factor authentication is particularly effective because it requires a combination of verifications to work together to confirm identity. The difference between MFA and 2FA is simple. Two-factor authentication (2FA) always utilises two of these factors to verify the user’s identity. Multi-factor authentication (MFA) could involve two of the factors or it could involve all three. “Multi-factor” just means any number of factors greater than one. MFA is considerably more secure than user-created passwords, which are often the weakest entry point to a business’s network.
Most MFA will include a combination of the following:
- A knowledge factor, such as a password, a PIN, or answers to security questions
- A possession factor, such as a physical token, an authenticator app, or a one-time password sent via text or email
- An inherence factor, such as a biometric identifier, like your fingerprint, voice, or retina.
The advantage of this for cyber security teams is the ability to configure the MFA required to access business systems, applications and accounts. For example, the MFA can be configured to a username and password (a knowledge factor), an OTP sent via SMS text message to your mobile device (a possession factor), and an additional verification in an authenticator app (another possession factor).
Location-based and risk-based multi-factor authentication
MFA can also be configured with ‘location-based authentication’, which looks at a user’s IP address and geographical location, blocking access if this falls outside of a certain radius. It can also follow ‘risk-based authentication’, which examines user behaviour, such as the time of access or the device used. If the risk level is shown as high, the user will be required to enter further MFA information to confirm their identity.
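The two rules described above can be sketched as a single sign-in decision. This is an added example, not code from any MFA product: the office coordinates, radius, working hours, device IDs and threshold are constructed, and the latitude/longitude is assumed to come from an IP geolocation lookup performed elsewhere.

```python
import math
from dataclasses import dataclass

# Assumed policy values (hypothetical, constructed for this example).
OFFICE = (52.0, -1.0)                           # permitted-area centre (lat, lon)
MAX_RADIUS_KM = 50.0                            # location-based cut-off
WORK_HOURS = range(7, 20)                       # 07:00-19:59 local time
KNOWN_DEVICES = {"laptop-0142", "phone-0977"}   # enrolled device IDs
STEP_UP_THRESHOLD = 1                           # unusual signals needed for step-up

@dataclass
class Login:
    user: str
    lat: float       # from IP geolocation (assumed to be resolved upstream)
    lon: float
    hour: int        # local hour of the sign-in attempt, 0-23
    device_id: str

def distance_km(a, b):
    """Great-circle (haversine) distance between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def decide(login):
    """Return (decision, reasons); decision is 'block', 'step_up' or 'allow'."""
    # Location-based rule: block outright when outside the permitted radius.
    km = distance_km(OFFICE, (login.lat, login.lon))
    if km > MAX_RADIUS_KM:
        return "block", [f"location {km:.0f} km from permitted area"]
    # Risk-based rule: collect unusual behaviour signals.
    reasons = []
    if login.hour not in WORK_HOURS:
        reasons.append("access outside working hours")
    if login.device_id not in KNOWN_DEVICES:
        reasons.append("unrecognised device")
    # High risk means further MFA information is required, not a refusal.
    if len(reasons) >= STEP_UP_THRESHOLD:
        return "step_up", reasons
    return "allow", reasons

if __name__ == "__main__":
    for attempt in (Login("alice", 52.1, -1.0, 10, "laptop-0142"),
                    Login("alice", 52.1, -1.0, 23, "tablet-9999"),
                    Login("alice", 48.85, 2.35, 10, "laptop-0142")):
        print(attempt.user, attempt.hour, attempt.device_id, decide(attempt))
```

IP-derived location is approximate and shifts with VPNs and mobile carriers, so the radius works best as one input alongside the behavioural signals rather than as the only control.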
Examples of how multi-factor authentication can protect your business
MFA should play a critical part in your cyber security strategy. Not only does multi-factor authentication verify that authorised users have access to sensitive data, but it also deters hackers who often take advantage of weak passwords to infiltrate accounts. Here are three ways you can use MFA to improve your cyber security:
1. Verify user identity
One of the biggest threats in the cyber security world today is identity theft. A traditional username and password are no longer enough to protect company data and accounts from cyber criminals. MFA can supplement login credentials with an additional layer of protection.
2. Single Sign-On (SSO) solutions
Many MFA solutions are compatible with SSO. Instead of creating a unique username and password combination for every account, you can use one SSO account with multi-factor authentication to make access easier for authorised users without compromising security.
3. Meeting compliance requirements
Besides preserving your company’s reputation, protecting consumer data is required by many IT compliance regulations. Multi-factor authentication is an easy and highly effective way to control access to your customers’ sensitive data, like payment information.
Concerned about cyber breaches? Talk to us
If you’re concerned about cyber security breaches in your business and would like to find out more about MFA and other IT security measures, we can help you decide on the best way forward. We’ll discuss how to protect your data and will look objectively at your business, systems and security needs and work with you to develop an effective security plan.
If you would like to speak to us about any aspect of this article or to discuss how MFA could be implemented into your organisation, contact Andrew Wayman at andrew.wayman@sdt.co.uk or call our office on +44 (0)1344 870062.