Multi-factor authentication - the simple solution
Scott Adams
17 June 2021Long gone are the days when all you needed was your username and password to get into your email, your cloud applications, or your financial systems was enough. You might be asking “why do I need do this now?”.
Well, first things first, this new extra level of security, is known as multi-factor authentication (MFA) and consist of three simple things:
- Something you know
- Something you have
- Something you are.
Ultimately, MFA aims to reduce the likelihood of someone hacking your accounts by requiring you to enter multiple pieces of information about yourself. Whilst it may seem like a hassle, especially when setting up these multiple verification methods. And not to mention having to rush to find your phone for that text message code! MFA is there to make sure your accounts kept safe and secure.
All it takes is a hacker to compromise a single email account in your organization for example, and suddenly co-workers, customers and even families start to receive “legitimate-looking” emails from a person they trust asking for sensitive information.
So, what makes multi-factor authentication a big deal? Let’s break it down even more:
- Identity theft is easy, and it’s a growing threat to all businesses. MFA makes identity theft harder
- Weak or stolen credentials are hackers’ go-to method in a majority of attacks. MFA beefs up the strength of credentials considerably. It also makes stolen passwords less fruitful for hackers
- Small businesses are being targeted at a growing rate by cyber attackers. New security measures are not for enterprise-class organizations only. MFA is simple and relatively easy for small organizations to roll out. By simply enabling MFA email accounts on services like Office 365 you will find your personal information is much more secure and made much more difficult to hack.
- Other cybersecurity tools and solutions, like anti-virus and firewalls, are only as strong as their user authentication procedures. MFA can make your existing perimeter security stronger
- High-ranking employees and highly privileged user accounts are a hot target for hackers. MFA can be used specifically for administrative and executive accounts to protect them
- Cybercrime is about more than just stealing data. With MFA, you’re also attempting to stop attackers from destroying data, changing programs, and using your accounts to transmit propaganda, spam, or malicious code.
The reality is that many traditional cybersecurity measures can be compromised without MFA. Anti-virus software, firewalls, encryption tools, network monitoring solutions and more, can all be bypassed if hackers compromise them and gain credentials to privileged user accounts.
MFA helps to stop many common brute force attacks and phishing attempts like this. Plus, if a hacker ever manages to gain access to your username and a list of your commonly used passwords, if they don’t have the third or fourth verification steps, they’ll be stopped dead in their tracks!