Cybersafety connections October 17,2022 vol#88
- Cybersecurity Tip#4 Multifactor Authentication (MFA).
- What is MFA? An electronic authentication method.
- Why is MFA important? In preventing ATO- (Account Takeover).
- SMBs faces various challenges with MFA implementation.
- How MFA can be implemented is varied as well.
MFA (Multifactor Authentication)
As stated severally in addition to or in place of passwords, MFA is a second layer of security to prevent hacks and when there is a hack to prevent unauthorized access.
What is MFA?
MFA is…………..an electronic authentication method. The multifactor authentication method (MFA) is a way of verifying the identity of a user by requiring two or more pieces of identifying information from the user to grant the user access to resources like an application, an online account, or a VPN.MFA is very important for identity and access control policy.
Why is MFA important?
MFA is important in preventing account takeover (ATO). Cybercriminals can take over online accounts by using stolen passwords and usernames bought from the dark web. Those credentials in the dark web got there through social engineering, breaches, and phishing attacks.
MFA is important in preventing account takeovers (ATO) and all the other cybersecurity threats that are associated with ATO.MFA tries to prevent cybercriminals from using stolen personally identifiable information to gain access to important services, data, and other resources.
Where SMBs face challenges with MFA
Even though MFA is very important to identity and access control policy, Small -to- Midsized Businesses (SMBs) are slow at using it as part of their security tool kit. Some of the reasons are;
- Not knowing about MFA and its benefits,
- Not understanding MFA,
- The time commitment needed to implement.
- The complexity of MFA technology.
- Not having the cybersecurity and staff budget to implement MFA.
More on these reasons can be found in this study done by Cyber Readiness Institute.
How can MFA be implemented?
MFA is affordable and free if SMBs use Microsoft 365 and Google workplace. Some methods of using MFA are more convenient than others in the order listed below.
- Push notifications to phone or alternate email addresses.
- One-time passcode.
- Token-based device.
- Time-limited and self-generated codes.
- Biometrics like facial or finger scanning.
- Authentication apps.
The thing about MFA is that it removes the need to type or use passwords, makes cybersecurity more efficient and gives a pointer to where there is high risk in operations in other prioritize and adjust identity and access management policy.
Subscribe to get the latest blog.