Multi-Factor Authentication is becoming part of daily digital activity. Traditionally, you would access online accounts with a username and a password. However, with the changing digital environment, usernames are often easy to discover and, since passwords can be hard to remember, people tend to pick simple ones, or use the same password across all accounts.
Almost all online services – banks, social media, shopping and Microsoft 365 – have added a way for your accounts to be more secure. This is sometimes referred to as “Two-Step Verification” or “Multi-factor Authentication”. When you sign into the account for the first time on a new device or app (like a web browser) you need more than just the username and password. You need a second “factor” – to prove who you are.
In today’s current climate, everyone and every organisation is a target, so we need to make strides to enhance security measures. Multi-factor authentication is a simple way to add a layer of protection to the sign-in process.
Why should I use MFA?
If you only use one password to login or authenticate a user, it can leave you vulnerable to a cyber attack. If that password is weak or has been exposed elsewhere, it is an easy entry point to your network by an attacker. When you are required to use a second form of authentication, security is significantly increased as this additional step isn’t something an attacker can easily obtain or duplicate.
With MFA, even if a compromised password is used, the attacker would be unable to gain access without either a code or fingerprint confirmation, and the legitimate user would be notified of the attempted login.
MFA and Microsoft
Microsoft is taking the first steps towards mandating MFA by switching off basic authentication methods in Exchange Online. Modern authentication will become the standard for Microsoft’s online services, allowing Microsoft to begin to mandate MFA for all cloud services.
If you are considering obtaining a Cyber Essentials certification, under the new criteria, MFA is a requirement for all cloud accessed apps, therefore, you must have this in place beforehand.
Ready to implement MFA?
How MFA can be implemented to your business will depend on the complexity of your infrastructure. Get in touch with our experts today to learn how we can help!