Proudly serving Virginia, Maryland and DC // Call us today! 703.396.6120
V2 SystemsV2 Systems
Why It’s Time to Stop Using Single Factor Authentication

by Erik Briceno

We’ve talked about the importance of multi-factor authentication (MFA) on our social media channels quite often. And now, in a recent bulletin put out by the Cybersecurity Infrastructure and Security Agency (CISA), they have made an official recommendation to businesses and organizations that single factor authentication (SFA) should no longer be used.

In light of this, we felt the importance of publishing a quick review on multi-factor authentication, or MFA, why it’s so essential, and what it entails.

What is multi-factor authentication?

Multi-factor authentication simply refers to the process of using multiple authentication requests when a user logs into any given system. For example, someone who wants to log in will need more than just a username and password. Often, they will also have to provide a code sent to them via text message or email. A process that requires only two steps such as these is known as two-factor authentication, or 2FA. MFA is a catch-all term that includes 2FA as well as any process that requires three or more steps. Additional factors of authorization could include fingerprint identification, facial recognition, voice recognition, pin numbers, a security token or any number of additional methods for proving that you are who you say you are.

Why use multi-factor authentication?

By themselves, usernames and passwords are no longer sufficient to protect accounts with sensitive information. Between password decryption utilities that are now available to literally anyone on the internet, social engineering fraud, phishing campaigns and a plethora of other methods used to obtain someone’s password, having this singular layer of account protection simply isn’t enough. And now, as more organizations are relying increasingly on remote workers to tow the line, cyber vulnerability is at an all-time high. But by using multi-factor authentication, you can protect these accounts with additional layers of security, thus reducing the risk of online fraud, identity theft and enterprise-wide data breaches. It’s not a panacea, but at the very least it can protect you from the majority of cybercriminals who give up after the first attempt to move on to easier targets at a faster pace — those targets who are only using passwords without any additional confirmations.

How do you use multi-factor authentication?

The method for setting up multi-factor authentication varies according to the platform you’re configuring it for. Microsoft 365 for example has its own suite of configuration options and has its own tutorial for setting up MFA. Other platforms such as Amazon Web Services have their own set of instructions. Ideally, you want to set up a form of MFA on any application or service that requires a login of any kind. Each one will have its own process involved. Most will be similar, but not all are immediately apparent. We suggest either looking up the process for the platform in question, or — even better — simply sending us a support ticket to set it up for you on every application that needs it. The latter option is the most ideal as it can save you a lot of time, as well as ensure that all of your security settings are configured exactly how they should be.

V2Systems CISA MFA recommendation August2021 Blog1 Pic2 1024x683 - Why It’s Time to Stop Using Single Factor AuthenticationIt’s unfortunate, but things just aren’t as simple as they once were. A single, lone password cannot be the only thing standing between your entire organization and a group of cybercriminals who are taking full advantage of this year’s chaos to steal from you. It only takes an extra couple of steps to protect your remote workers and your business from the worst of it.

At V2 Systems, we can provide you with the extra layers of security needed to keep your organization safe, no matter the environment. Not only will we ensure that MFA is enabled for every user, but we will also actively monitor your entire cyber infrastructure in real-time. If you have questions about MFA or cybersecurity in general, contact us for a free consultation.

 

Since 1995, Manassas Park, VA-based V2 Systems has employed local systems administrators, network engineers, security consultants, help desk technicians and partnering companies to meet a wide range of clients’ IT needs, from research, to implementation, to maintenance. Concentrate on your VISION…We’ll handle the TECHNOLOGY!

ebriceno
About ebriceno
Erik Briceño is the owner of V2 Systems, Inc., one of Northern Virginia’s leading Information Technology Managed Service Providers. He is an inspiring leader for its employees and instrumental business partner for its customers. He is passionate about V2’s purpose, dedicated to exceeding expectations and a consummate professional not afraid of jumping in and getting his hands dirty. Prior to joining V2 Systems in 2002, Erik was a co-founder and COO of Ampcast.com, a leading provider of online resources servicing over 5,000 independent musical artists. At Ampcast.com, Erik spearheaded all aspects of corporate development, funding, strategic vision, and business development for the firm. From 1997 to 1999 Erik held the position of Acoustic Systems Engineer for Electric Boat Corporation, a leading defense contractor. In this role, Erik was responsible for the acoustic fidelity of two noise critical systems and components in the US Navy’s nuclear submarine systems. Erik holds a B.S. in Mechanical Engineering from Vanderbilt University and a Masters of Business Administration from George Mason University. When not working, you will find Erik a dedicated family man, raising two young children with his lovely wife Karen. Together, they enjoy building legos, playing baseball, skiing, riding horses, swimming, traveling, and fixing up old Mopars.
Why It’s Time to Stop Using Single Factor Authentication
Why It’s Time to Stop Using Single Factor Authentication