Although the exact evolution of Multi-Factor Authentication (MFA) is a subject for debate, one aspect of it is not. All businesses should be using MFA, and by not doing so, they are putting their data and their companies at risk. Despite the popularity of passwords, they are not enough, period. End of story.Over the past decade, billions of people have fallen prey to cybercriminals who stole their credentials from corporate databases that were hacked. Companies and their personnel need to take responsibility for information security into their own hands, and one of best places to start is implementing MFA.So grave has the danger become, in fact, that many insurers are refusing to provide cybersecurity insurance to companies that do not mandate MFA in their operations. (Not familiar with cybersecurity insurance? We can help there, too.)
MFA requires a user to provide multiple credentials (factors) to validate his or her identity. The factors are typically a combination of three things:
Within these guidelines, organizations and their users have considerable latitude, provided they ensure that at least 2 of these credentials is being used.
It may seem like a no-brainer to implement MFA, but companies often experience user hesitancy, or even rejection. It can be inconvenient to use, and it requires personnel to memorize information, such as what they selected for their “item you know.” Nevertheless, the alternative is unthinkable, and it is important for business owners to stress that point.From a security perspective, most insurance carriers now recommend firms have three MFA controls in place:
These key areas are a good start, but depending upon a firm’s level of exposure and any compliance mandates to which they are subject, it may not be enough.Here’s the good news. Per a Microsoft study, MFA can block over 99.9% of account compromise attacks. That’s a number we can get behind.
Per Bloomberg News, use of multi-factor authentication might have been able to prevent the ransomware attack that shut down the Colonial Pipeline. If you still aren’t sure, are uncertain where to start, or just need information to help you make the best decision, we invite you to call us. Let’s work together to ensure your business pipeline isn’t endangered.Check out our Vault Managed Services offering, it includes robust MFA tooling for maximum protection. We’ll help you explore MFA — which is also a key component of Carmichael Consulting’s 15-point security plan. To schedule a complimentary consultation, call 678-719-9671 Option 2 or email sales@carmichaelconsulting.net.
.svg){kind=small}
-svg.webp){kind=small}
.svg){kind=small}
%20(1).jpg){kind=avatar}
%20(1).jpg){kind=avatar}
%20(1).jpg){kind=avatar}