The cyber threat landscape has evolved, and it is more difficult than ever for businesses to protect their data. Passwords alone are no longer enough to secure your computer systems. Stolen and weak passwords are involved in a majority of cyberattacks, and hackers seem to always be developing new ways to steal credentials. The best thing you can do to strengthen your login security is to enable multi-factor authentication.
What is Multi-Factor Authentication?
MFA requires that a user provide two or more forms of authentication when logging into the system. Think of it like needing multiple forms of ID when applying for a license. These forms of authentication can include:
- Something you know: a code, password, or PIN.
- Something you have: a key fob, access card, or digital token.
- Something you are: fingerprints, facial recognition, and other biometrics.
With the wide variety of options available, you can craft an MFA policy to fit your specific security needs, but the most common form of MFA is the combination of a login password and a digital token. This digital token can be in the form of an authenticator app on the user's cell phone, or a code sent by text message. This confirms that the user knows the password and is in possession of a physical object that confirms their identity.
According to Microsoft, 99.9% of compromised accounts in 2020 did not use multi-factor authentication, and the same was true of 74% of ransomware response engagements in 2022. MFA isn’t a silver bullet that will solve all your cybersecurity needs, but adopting it is an important first step toward developing a more mature cybersecurity posture. Here are some reasons you should enable MFA on your systems today:
Identity and Password Theft
User data, logins, and passwords are stolen from companies and websites around the world every day, and your employees could be among the victims. If hackers gain access to a user’s data from another company or website, they can use it to try to break into your system. This is especially problematic when someone reuses passwords across multiple accounts.
MFA can also protect against social engineering attacks like phishing. Phishing is one of the most common forms of cyberattack, where fraudulent emails or websites try to trick targets into divulging their login information. Multi-factor authentication helps protect your system even if passwords are compromised.
Password Problems
A study last year found that “password” was the most common password around the world, followed by “123456.” Weak passwords like these are the first to be tried and can be cracked in seconds. In response, we’ve seen the introduction of password requirements (e.g., numbers, capital and lowercase letters, and special characters) and password change policies. Multi-factor authentication can help shore up the strength of weak passwords and take some of the weight off the more onerous password requirements.
Business Email Compromise (BEC)
The FBI says Business Email Compromise is one of the most financially damaging online crimes. As companies get better at securing their computer infrastructure, we could see hackers pivot even more toward targeting email systems. So much critical business is carried out via email that it is easy to imagine how much damage a hacker can do with a compromised email account. MFA for email helps mitigate the risks of BEC and is recommended by the FBI.
Remote Work
Multi-factor authentication has proven invaluable for companies that rely on remote workers and third-party contractors. Home and public internet connections are rarely as secure as those in the office, and a user’s personal devices may not have security software installed. Unsecured networks provide an easy attack vector for hackers, and MFA ensures that any external connection attempts are valid.
Compliance
Certain industries like healthcare, infrastructure, and finance are required to follow very strict data security regulations, and multi-factor authentication is often required for regulatory compliance. In addition, many cyber insurance companies and Managed Security Service Providers, including us at CBM Technology, require clients to use MFA for coverage.
Customizable and Scalable
Multi-factor authentication can sometimes feel like a burden, adding extra steps to a login process that might already include a hard-to-remember password. But MFA can be tailored to be less intrusive and foster productivity. With so many options available, it can be made to work for individual users while also letting you set different standards for higher or lower levels of security scrutiny. MFA can also be integrated beyond just computer and email login, adding an extra layer of security wherever needed.
MFA is Here to Stay
If you haven’t enabled multi-factor authentication, the time to do so is now. MFA helps protect against so many vectors of cyberattack that not using it might as well be an invitation for hackers. MFA will always be a core element of a mature cybersecurity posture. The FBI recommends it, and so does CBM Technology. Contact us to learn more about using multi-factor authentication at your business.