With cyber-attacks on the increase, multi-factor authentication (MFA) is no longer an optional feature for Australian businesses. It’s essential.
These days, employees are required to remember numerous passwords to log in to different applications. As a result, they often reuse the same password, choose weak passwords or recycle old ones.
While it can be easy for hackers to get access to usernames and passwords, it is unlikely that they will be able to access unique factors such as your fingerprint.
In this post, we explore how MFA works and why it’s essential to get everyone on board.
What is Multi-Factor Authentication?
Multi-factor authentication is defined as a method of authentication that uses two or more authentication factors to gain access to a resource.
Typically, a user is required to log in with a username and password first, followed by a one-off unique code generated by one or more of the following:
- Phone call
- Mobile app
- One-time password (OTP) token
- Biometrics (e.g. fingerprint)
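The two-step login described above, as an added example that is not part of the original article: a password check followed by a one-time code check, showing that a correct password alone does not grant access. It assumes the one-time code is a time-based OTP (RFC 6238) and uses a constructed account record; the names `ACCOUNT`, `totp` and `login` are hypothetical.

```python
import hashlib
import hmac
import struct

# Constructed sample account; values are illustrative, not from the article.
SALT = b"constructed-salt"
ACCOUNT = {
    "pw_hash": hashlib.pbkdf2_hmac("sha256", b"correct horse", SALT, 100_000),
    "otp_secret": b"12345678901234567890",  # test secret published in RFC 6238
    "last_step": -1,  # last accepted time step, used to reject replayed codes
}

def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 and the RFC 4226 dynamic truncation."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def login(account: dict, password: str, code: str, now: int, window: int = 1) -> str:
    """Check factor 1 (password), then factor 2 (code). Returns a status string."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)
    if not hmac.compare_digest(candidate, account["pw_hash"]):
        return "bad_password"
    current = now // 30
    # Accept codes from adjacent time steps to tolerate clock drift.
    for step_no in range(max(0, current - window), current + window + 1):
        if step_no <= account["last_step"]:
            continue  # this step's code was already used once
        if hmac.compare_digest(totp(account["otp_secret"], step_no * 30), code):
            account["last_step"] = step_no
            return "ok"
    return "bad_code"
```
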
Why Implement Multi-Factor Authentication?
With over 300 million fraudulent sign-in attempts targeting Microsoft cloud services every day, Microsoft’s Alex Weinert states that enabling an MFA solution blocks 99.9% of these unauthorised login attempts, even if hackers have a copy of a user’s current password.
Google has also stated that users who added a recovery phone number to their accounts (and indirectly enabled SMS-based MFA) were improving their account security.
“Our research shows that simply adding a recovery phone number to your Google Account can block up to 100% of automated bots, 99% of bulk phishing attacks, and 66% of targeted attacks that occurred during our investigation.”
While no single mitigation strategy is guaranteed to prevent cybersecurity incidents, organisations are recommended to implement eight essential mitigation strategies as a baseline. This baseline, known as the Essential Eight, makes it harder for adversaries to compromise systems. One of those strategies is, of course, multi-factor authentication.
Azure Multi-Factor Authentication
One of the tried-and-tested solutions that Huon IT recommends is Microsoft Azure MFA, which helps safeguard access to data and applications while maintaining simplicity for users. It provides additional security by requiring a second form of authentication and provides strong authentication via a range of easy-to-use authentication methods.
Azure MFA works by requiring two or more of the following authentication methods:
- Something you know - e.g. a password
- Something you have - e.g. a trusted device that is not easily duplicated, like a phone or hardware key
- Something you are - e.g. face scan or fingerprint
If you need help improving your organisation’s security posture, get in touch with our team.