We’ve talked about the importance of multi-factor authentication (MFA) on our social media channels quite often. And now, in a recent bulletin put out by the Cybersecurity Infrastructure and Security Agency (CISA), they have made an official recommendation to businesses and organizations that single factor authentication (SFA) should no longer be used.
In light of this, we felt the importance of publishing a quick review on multi-factor authentication, or MFA, why it’s so essential, and what it entails.
What is multi-factor authentication?
Multi-factor authentication simply refers to the process of using multiple authentication requests when a user logs into any given system. For example, someone who wants to log in will need more than just a username and password. Often, they will also have to provide a code sent to them via text message or email. A process that requires only two steps such as these is known as two-factor authentication, or 2FA. MFA is a catch-all term that includes 2FA as well as any process that requires three or more steps. Additional factors of authorization could include fingerprint identification, facial recognition, voice recognition, pin numbers, a security token or any number of additional methods for proving that you are who you say you are.
Why use multi-factor authentication?
By themselves, usernames and passwords are no longer sufficient to protect accounts with sensitive information. Between password decryption utilities that are now available to literally anyone on the internet, social engineering fraud, phishing campaigns and a plethora of other methods used to obtain someone’s password, having this singular layer of account protection simply isn’t enough. And now, as more organizations are relying increasingly on remote workers to tow the line, cyber vulnerability is at an all-time high. But by using multi-factor authentication, you can protect these accounts with additional layers of security, thus reducing the risk of online fraud, identity theft and enterprise-wide data breaches. It’s not a panacea, but at the very least it can protect you from the majority of cybercriminals who give up after the first attempt to move on to easier targets at a faster pace — those targets who are only using passwords without any additional confirmations.
How do you use multi-factor authentication?
The method for setting up multi-factor authentication varies according to the platform you’re configuring it for. Microsoft 365 for example has its own suite of configuration options and has its own tutorial for setting up MFA. Other platforms such as Amazon Web Services have their own set of instructions. Ideally, you want to set up a form of MFA on any application or service that requires a login of any kind. Each one will have its own process involved. Most will be similar, but not all are immediately apparent. We suggest either looking up the process for the platform in question, or — even better — simply sending us a support ticket to set it up for you on every application that needs it. The latter option is the most ideal as it can save you a lot of time, as well as ensure that all of your security settings are configured exactly how they should be.
It’s unfortunate, but things just aren’t as simple as they once were. A single, lone password cannot be the only thing standing between your entire organization and a group of cybercriminals who are taking full advantage of this year’s chaos to steal from you. It only takes an extra couple of steps to protect your remote workers and your business from the worst of it.
At V2 Systems, we can provide you with the extra layers of security needed to keep your organization safe, no matter the environment. Not only will we ensure that MFA is enabled for every user, but we will also actively monitor your entire cyber infrastructure in real-time. If you have questions about MFA or cybersecurity in general, contact us for a free consultation.
Since 1995, Manassas Park, VA-based V2 Systems has employed local systems administrators, network engineers, security consultants, help desk technicians and partnering companies to meet a wide range of clients’ IT needs, from research, to implementation, to maintenance. Concentrate on your VISION…We’ll handle the TECHNOLOGY!