What Are the Benefits of Using Multi-Factor Authentication (MFA)?
Password security has been an ongoing challenge for businesses ever since the first login credentials for business technology were created.
The age-old battle is between the need to have unique, strong passwords for every account and the fact that one person can’t reasonably remember all those strong passwords.
Depending upon company size, the average employee is expected to remember anywhere between 25 to 85 unique account username/password combinations.
The beneficiaries of this problem have been cybercriminals who are going after login credentials with a vengeance. This is especially true since so many businesses have switched to cloud workflows in accounts that are protected only by the strength of credential security.
One of the biggest threats to credential security is phishing. According to Proofpoint’s State of the Phish report, nearly 90% of organizations experienced phishing attacks in 2019 and phishing email volume has increased 67% year over year.
When faced with an assault on IT security, one of the tools in a company’s cybersecurity arsenal is multi-factor authentication (MFA).
How Does MFA Work?
MFA adds a secondary factor of authentication beyond the username and password combination.
There are typically three factors of authentication:
- What you know: Username & password
- What you have: A physical device that can receive a login code
- What you are: Biometrics, like fingerprint scanning
When you’re only using the first factor of authentication, it’s easy for a hacker to get their hands on that information. Business email addresses, which are typically used as usernames, are widely available. Passwords can be compromised by being weak and easily guessed, through hacking software, or due to a large-scale data breach of a database full of them.
What MFA does is add a requirement for another factor of authentication, which is the “what you have.” The most popular method is to register a device when setting up MFA that can receive a login code.
Once MFA is enabled, the login process will go something like this:
- Enter Username/Password
- Click to receive MFA code
- Receive time-sensitive code on your device
- Enter code to complete login and gain access
On platforms like Microsoft 365, MFA can be enabled for all users at once. The next time they login, they receive a prompt to setup their device for multi-factor authentication.
Benefits of Enabling MFA
Prevents Common Phishing Email Risk
Credential theft became the #1 type of phishing attack in 2019. Users can often get fooled by a phishing link that takes them to a page that looks identical to an account login they’re used to. But as soon as they enter their login, their account is breached.
Phishing email is more of a problem than many businesses may realize. Here at Cleartech Group, we see tickets for spam/phishing emails or email breaches due to phishing at least 2-3 times a week.
It takes a layered approach to prevent common phishing emails from causing account breaches. This includes using tools like Proofpoint to help protect email from malware threats. MFA is also an excellent protection.
If you’re using MFA, even if an employee is fooled by a phishing login page, the hacker can’t use those stolen credentials to access the account because they’ll be blocked by the MFA requirement for the secondary login code.
Solves the “Bad Password Habits” Problem
Employee IT security training can help reduce the number of bad password habits that your team has, but it’s still a prevalent issue even with training.
45% of employees admit to reusing passwords across multiple accounts, both work and personal. When passwords are reused over several accounts, it makes them easier to breach.
Using MFA offers an important protection against lax password practices by employees and protects business accounts even if the login password has been compromised.
Secures Cloud Platforms (Microsoft 365, G Suite, etc.)
Both Microsoft and Google recommend using MFA as one of the best ways to secure Microsoft 365 or G Suite accounts. Today, Central Massachusetts businesses have a large part of their data stored in cloud platforms like these, along with critical services like business email.
One account breach of an all-in-one cloud platform can impact several operational areas of a business. Multi-factor authentication adds an important layer of security to those accounts to significantly reduce IT security risk.
MFA is Proven to Be Extremely Effective at Preventing Breaches
Both Microsoft and Google have released study results showing the effectiveness of MFA.
According to Microsoft, MFA is 99.9% effective at preventing fraudulent sign-in attempts on cloud accounts.
Google’s data shows that use of multi-factor authentication can stop as many as 100% of automated bot attacks and 99% of bulk phishing attacks.
This makes MFA one of the cybersecurity solutions that has the highest level of effectiveness when it comes to protecting your account security.
Get Help Enabling MFA for Your Cloud Platforms
Cleartech Group can help your business enable MFA on platforms like Microsoft 365, G Suite, and others to keep your accounts secure.
Contact us today to discuss our cybersecurity options! Call us to chat at 978-466-1938 or reach out online.