Mankind has been using passwords for centuries for controlling access to protected locations and information. Just visualize the sentry standing at their post directed to stop any unknown enemy. Since the onset of computer systems and PC’s passwords have been promoted to protecting our personal and business data. Over the years, passwords and password encryption methods have become more complex, but so have the skills of hackers.
Usernames and passwords on average aren’t secure enough to protect your company’s sensitive data. Compromised passwords account for 81% of data breaches in the past few years. As we continue to transmit more and more sensitive information online, strategies we currently use to secure access to information are inadequate. It’s time to adopt another “stop, who goes there” layer of verification.
Multi-factor authentication adds that layer by utilizing password validation, as well as requiring the user to validate their identity using other factors. In effect, a user now needs at least two pieces of information to access their IT resource.
Three different characteristics are often used as factors in the authentication process:
- Something you know: Your password, pass phrase, or PIN.
- Something you have: A phone, key fob, employee access card, or code generator that is in your possession that gives you a time-sensitive passcode
- Something you are: Utilizing facial or voice recognition, retina scan, or fingerprint scanning
Two-factor authentication is a subset of MFA that utilizes just two of these variables to grant access to an account. By requiring more than just your user credentials (which are commonly compromised), MFA adds an additional layer of security that makes it nearly impossible for someone to gain access to your information. A person would have to know your password and have either your phone, or be holding you captive, in order to break into your account.
Why use Multi-Factor Authentication?
Twenty-Five percent of employees admit to using the same password across all their accounts, at home and office, and hackers rely on this lazy practice. Should any of those accounts be compromised, a hacker can use that information to access any other account that person has setup with the same username and password.
The scariest part is that often employees are giving these credentials away without knowing it! Phishing is a type of social engineering that is running rampant. Users are asked to enter their credentials into a fake site for “account verification” or under some other pretense, and those credentials are being used to log into whatever sites they can get their hands on. If you’ve given up your email credentials hackers can change your logins so you can’t get back in.
With multi-factor authentication, even if someone learns your password, they can’t access those protected accounts without having a pin or access code.
How it works:
NW Technology recommends all Office 365 customers enable multi-factor authentication on their accounts. We also encourage that any other services or line of business software your employees log into that offer MFA be enabled and mandatory.
This doesn’t mean it’s time to relax on your complex password management. We strongly suggest training your employees to not chose weak passwords, use the same password for multiple applications, store passwords in an insecure location or keep the same password for long periods of time.
Some businesses are hesitant to use MFA because they believe it will complicate the login process, confuse their employees and slow down their workflow. By requiring both pieces of information, businesses are dramatically reducing the chances of a data breach. The extra step and time is well worth the increase in security when you weigh it against the fact that the average cost of a data breach is $3.86 million dollars and rising.
How much does it cost?
That’s the best part, in most cases, it’s FREE! NW Technology and most software vendors want you safe, and all encourage you to adopt the practice of enabling multi-factor authentication.
Contact the Help Desk at 360-380-6987 and ask about implementing MFA in your organization.