If a criminal knew where you lived, and could easily steal the keys from your pocket, it wouldn’t be a lot of work for them to steal things from your home.
But imagine if you kept your keys in a massive locked safe. And not just any safe…
- A safe that can only be accessed with a security code
- A code that changes all the time
- You can only access the code from a secure phone app
- Which needs your fingerprint or face to verify that it’s really
you
You’ve now put your keys behind layers of extra security, making that criminal’s life a whole lot harder. What you’ve used here is called Multi-Factor Authentication, also known as MFA. And it has become the standard way to protect your business’s data.
Cyber criminals use increasingly sophisticated techniques to bypass security. So the more barriers you put in their way, the harder you make it for them to break into your systems. A cyber attack on a small business can be devastating. What would the consequences be for your business if your customers’ private information was stolen and held to ransom?
Can you imagine making that phone call to tell them what’s happened? That’s why it’s vital to think seriously about how best to protect the information you hold, and about the data your team members are able to access. Along with good staff training, MFA is one of the stringest security tools available.
But how does MFA work in practice? And what does it actually mean for your business?
Here's everything you need to know.
Two-Factor Authentication, also called 2-step verification, is better. 2FA requires you to identify yourself using two different factors, such as a password plus a single-use code that’s sent to your phone. 2FA is a form of MFA.
Multi-Factor Authentication (MFA) is similar to 2FA, but requires two or more identifiers, with a view to providing the greatest security.
MFA might use three types of authentication factor:
Knowledge Something you know, like a password or the answer to a question
Possession Something you have, like a USB key or token
Inherence Something you are, like your biometrics (this could be facial recognition or a fingerprint)
Which is the right solution for you?
Theoretically MFA is the most secure solution, especially for a business. However, MFA is still only as strong as the authentication methods you choose. And if it’s not implemented in the right way, it can create unintended issues.
For instance, MFA’s layered approach to security is what makes it strong. But too many layers can add ‘friction’ to the log in process. Make your people jump through too many hoops to do what
they need to do, and there’s a chance that they’ll just stop using it. And if people start using their personal email addresses because it’s too much of a pain to log in at work? That’s the opposite of solid security.
So a good MFA solution should be unobtrusive and will adapt to different situations. For instance it could be set up to apply different levels of authentication depending on the nature
of each login attempt. So it may link team members to their trusted devices. If that matches what’s usual, great. Only if it’s an unrecognized device, or it seems suspicious, will it ask for further information.
Many small businesses simply don’t survive a successful cyber attack. In particular, the impact, disruption and cost of ransomware attacks can devastate your chances of survival.
But implementing MFA can prevent the vast majority of these attacks.
According to Microsoft, MFA prevents 99.9% of automated assaults on its platforms, websites, and online services. It also found that MFA wasn’t implemented by 99.9% of accounts that had been hacked.
Microsoft’s numbers speak for themselves. Here are our top 6 reasons to adopt MFA in your business today.
1. It can protect your business from weak passwords
2. It prevents other methods of password theft
3. It makes using unmanaged devices more secure
4. It allows your other security tools to perform properly
5. It keeps you compliant
6. It can save a lot of stress
MFA isn’t the answer to all your cyber security prayers. But it slams the door on the majority of today’s cyber crimes.
So if you don’t already have it enabled across your network and its systems, you might be leaving that door open to a cyber attack at any time.
MFA solutions are just one of the services we provide to our clients every day. If you’re worried about protecting your business, get in touch now.
CALL: 306-955-3355
EMAIL: [email protected]
CONTACT PAGE: https://rivercitytech.ca/contact-us/
