MFA or multifactor authentication was important even before a large group of us moved to working remotely. Now that we are there, we are being targeted even more. Brute force attacks have increased significantly targeting RDP as people moved themselves to their home offices. Very targeted phishing campaigns have also increased as bad actors are using the COVID-19 situation to take advantages of our vulnerable state. One option we can use to help mitigate a portion of that risk is deploying multi-factor authentication.
Multifactor authentication, sometimes referred to as two-factor authentication, is a security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction.
Passwords alone simply are no longer a sufficient means to protect our valued information. Breaches are happening constantly and on average it takes anywhere from 6-18 months before you are notified the breaches have even occurred (if ever). Utilizing a password manager and making sure your passwords are not being reused is important to staying secure.
In the absence of MFA, if someone has your login name and password, they now have access to all resources that the specific account possesses. Email compromises are increasing at an alarming rate. So much info, sometimes sensitive, are exchanged there. Once in, bad actors could insert themselves into the conversations and/or gather intel to be used at an opportune time.
According to Microsoft’s blog, enabling MFA can reduce account compromise up to 99.9 percent. There are many options and experiences for end users depending on the solution you pick for MFA. It is important that the solution be vetted properly and communicated to your end users effectively. Let’s work together to decrease your company risk by implementing MFA today!