Multi-Factor Authentication as a Critical Tool for Cyber Security

It’s important for small businesses to take steps towards securing their networks against new cyber threats as data breaches occur with greater frequency. We often think these attacks come exclusively from malicious actors, but the most troublesome threat that small businesses face is their own employees.

Human error is responsible for at least 80% of data breaches. Even large, technologically advanced corporations like Facebook and Apple can't avoid this fact. The present reality is that a single person within any organization can open the wrong document or click a suspicious link and cause irreversible damage to your business.

Thankfully, there are tools available to businesses that help mitigate the role that humans play in cybersecurity. Multi-Factor Authentication is one of the easiest tools available to better secure your organization’s data.

What is Multi-Factor Authentication?

Multi-Factor Authentication, or MFA, is a popular security option that requires users to provide two or more forms of verification before they are given access to private systems. The secondary step in the verification process involves a direct connection to the user via options like a phone number, text message, or verification app on a mobile device.

There are several methods that allow users to provide a form of verification. Here are a few:

  • Possession Factor – this is a physical object users can use to approve authentication, such as a mobile phone, smartphone application, or an ID card
  • Time Factor – access to the system is restricted to a specific time window and users are unable to gain access outside of that determined period
  • Location Factor – authorization is limited to users and devices within a specified geolocation, using GPS to track from where access is requested
  • Biometric Factor – fingerprints and facial recognition are two methods of authentication that utilize a user’s unique physical characteristics
  • Knowledge Factor – something known only to the user, like a password or PIN

The most commonly used form of MFA is through an authentication app on a mobile device. Google Authenticator and Microsoft Authenticator are two of the most popular options and can be used for enabling MFA across many different software platforms and organizations.

Why is MFA Important?

Traditionally, we have used Single-Factor Authentication like passwords and passcodes to access private and privileged information. Relying on this single layer of security alone is insufficient for our business devices, much less our personal ones. A compromised password leaves an entire network vulnerable if that password is the only security factor needed to gain access.

Passwords alone are problematic for many reasons. A startling number of people use the same password for both professional and personal devices. They’re often using easily researched information about themselves like pet names and childhood street addresses. They even share passwords with their children, spouses, and friends!

More importantly, cybercriminals have their own methods for ascertaining passwords. Hackers routinely steal passwords from websites and organizations and post them for sale on the dark web to the highest bidder. With nearly 67% of Americans using the same password across multiple accounts, it’s difficult for tech professionals to maintain secure networks with passwords alone. MFA creates an additional layer of security that cybercriminals must cross should they gain access to a particular user’s password.

Popular MFA Resources

The most recognized MFA option is probably SMS, which connects your phone number to the site. When you log in next, you will be prompted to enter a short code which has been texted to your cell phone, in addition to entering your username and password.

Google Authenticator is a popular application that generates a code locally based on a secret key. Time-Based One Time Password, or TOTP, is the technology used here. These types of apps often begin the process by offering a QR code to scan which contains the secret key. Once a device is connected to the app, it will provide a new 6-digit code every 30 seconds that needs to be entered alongside a username and password.
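To make the TOTP mechanism concrete, here is an added example (written for this article, not code from Google Authenticator or any vendor). It reads the secret from a constructed otpauth:// URI of the kind the QR code carries, derives the 6-digit code per RFC 6238, and shows a server-side check that tolerates one step of clock drift and refuses a reused code. The URI, the account name and the TotpVerifier class are assumptions made for illustration.

```python
import base64, hashlib, hmac, struct, time
from urllib.parse import urlparse, parse_qs

# Constructed provisioning URI (the text a QR code would encode); not a real account.
SAMPLE_URI = "otpauth://totp/Example:alice?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example"

def secret_from_otpauth(uri):
    """Pull the base32 shared secret out of an otpauth://totp/ URI."""
    parsed = urlparse(uri)
    if parsed.scheme != "otpauth" or parsed.netloc != "totp":
        raise ValueError("not a TOTP provisioning URI")
    return parse_qs(parsed.query)["secret"][0]

def totp(secret_b32, at, step=30, digits=6):
    """RFC 6238 code (HMAC-SHA1) for Unix time `at`."""
    key = base64.b32decode(secret_b32.upper() + "=" * (-len(secret_b32) % 8))
    counter = struct.pack(">Q", int(at) // step)        # time steps since the epoch
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                              # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

class TotpVerifier:
    """Server-side check: tolerates +/- `window` steps of clock drift, rejects reuse."""

    def __init__(self, secret_b32, window=1, step=30):
        self.secret, self.window, self.step = secret_b32, window, step
        self.last_step = -1                              # highest time step already accepted

    def verify(self, submitted, now=None):
        current = int(time.time() if now is None else now) // self.step
        for s in range(current - self.window, current + self.window + 1):
            expected = totp(self.secret, s * self.step, self.step)
            match = hmac.compare_digest(expected.encode(), submitted.encode())
            if match and s > self.last_step:
                self.last_step = s                       # a code is good for one login only
                return True
        return False

if __name__ == "__main__":
    secret = secret_from_otpauth(SAMPLE_URI)
    verifier = TotpVerifier(secret)
    code = totp(secret, time.time())
    print(code, verifier.verify(code), verifier.verify(code))  # second attempt is a replay
```

The secret never leaves the phone or the server after enrollment; only the short-lived code travels with the login, which is why a stolen password alone is not enough.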

Duo Push is an alternative to TOTP that some users find more convenient: it sends a prompt to your device during the login process rather than requiring you to enter a code. When an attempt is made, you are alerted and provided an estimated location of the IP address trying to gain access.

Security with Convenience

Implementing new security procedures can be daunting for businesses of any size. Even with MFA, there is still a human element to consider, like employees losing access cards or having their accounts linked to a mobile device that hasn’t been changed.

This often requires retraining and teaching people how to break bad habits like writing down passwords, but these changes are vital to the continuity of many businesses that rely heavily on technology to operate. With time being an important factor, choosing the right secondary factor will greatly impact how these changes are received by employees.

Unfortunately, the password is no longer mighty enough to stand alone. Hackers are motivated and constantly developing new technology to infiltrate your network and steal your data. The only option is for businesses to keep up with these threats. For businesses and consumers, Multi-Factor Authentication is a critical addition to basic security protocols. Working with a trusted IT partner to implement this additional layer of security is one of the least inconveniencing options available for users to keep their networks and devices secure.