Happy New Year and happy new decade! 2020 is finally here and with it yet more challenges to our cybersecurity are bound to arise. Businesses, the Cloud, mobile phones and AI are all areas that will continue to be exploited by cyber criminals and so it's vitally important that you keep ahead of the hackers by finding ways to keep your company and staff safe. One such way is by putting Multi-Factor Authentication (MFA) in place, everywhere…Welcome to this quarter's hot topic from your IT Security News!
Multi-factor authentication - what is it and why should you have it enabled, everywhere!
As far as I’m concerned, Multi-factor authentication (MFA) should be enabled on any account or device that will allow it to be enabled. It’s 2020, hackers are rife, and the list of stolen credentials out in the wild is, unfortunately, growing daily.
MFA is a security system that creates a layered defence against cyber criminals by making it more difficult for an unauthorised person to access a target such as an email, computing device, network or database. Put simply, it means having more than one method of authentication before you can gain access to an account. You’ve probably come across it when accessing your online banking for example, or logging onto a website and being asked to enter an additional one-time password.
Traditionally all I would need to gain access to your e-mail account, for example, would be your password.
However, with Multi-factor authentication enabled, even with your password, I still can’t be validated and gain admission to your account. The additional security layer put in place is usually an app on your mobile phone that either generates one time codes, sends you a code in a text message, or the authentication app you use can just pop up a message that you either press 'approve' or 'deny' to login real time.
So, with that in mind, hackers would need your phone as well as your password to gain access to the account, which obviously makes it a whole lot harder for them to do.
Back in August last year, Microsoft stated that enabling MFA stops over 99.9% of compromises to 365 accounts! 99.9% - incredible!
If that number doesn’t prove to you how important it is for you to use MFA, then maybe a compromise will – and they are almost inevitable without it enabled. (I dealt with a large number of compromised Office 365 accounts in 2019, in a variety of businesses and expect this to continue until MFA becomes the norm.)
Multi-factor authentication should be enabled wherever possible. So for any online business logins you have, MFA should be investigated and enabled if available.
There are also plenty of personal implications as well as business ones. To protect your personal data from cyber attacks, Amazon, Facebook, PayPal, LinkedIn and many more websites all have the option to enable MFA, and so you should look to get these turned on in order to stay ahead of the hackers. They will think nothing of committing fraud and attacking your family and friends whilst pretending to be you.
So if there's one New Year's resolution to make - it's to embrace multi-level protection wherever possible!
Last year we shared a quick video explaining MFA and how it works - to watch it again, click on the image below: