It’s safe to say that Multi-Factor Authentication (MFA) isn’t popular. According to Microsoft, only 22% of their enterprise customers use it, and many people seem to associate it with annoyance. Unfortunately, strong and unique passwords just don’t cut it anymore, and if we’re being honest, many of us don’t even get that part right. About 65% of us admit to reusing them.
MFA is absolutely worth the hassle. If a criminal guesses your login credentials — or nabs them another way — they probably won’t be able to do much if you have MFA in place. While MFA isn’t totally infallible, according to Microsoft, it’s enough to block 99.9% of account hacks.
What Is MFA?
If you’ve had to enter a PIN before withdrawing funds from an account, you’ve used MFA. Multi-factor authentication is also sometimes called two-factor authentication, and it just means that you’re using more than one piece of evidence to prove who you are.
There are three categories of “evidence” you can use:
- Something you know, like a password or PIN
- Something you have, like a smart device or your laptop
- Something you are — your voice, your face, or your fingerprints.
Two-Factor Authentication (2FA) in Practice
Two-factor authentication doesn’t always have to be inconvenient. For example, once an app has authenticated you on one device, you might not have to do it again when you log in again on that same device.
And while it may seem like companies are putting more of the burden on you to secure your data, they’re also working hard to minimize security conditions behind the scenes. For example, MFA apps will also use advanced analytics to red flag any suspicious activity, like someone trying to log in 15 minutes after you did from halfway around the world.
MFA and Zero Trust Architecture
Traditional cybersecurity methods only established a secure perimeter around an organization’s data. But if a hacker got inside the gates through stolen — but legitimate — login credentials, they basically had the keys to the kingdom.
Modern cybersecurity is based on zero trust architecture, which enables you to create specific rules for who can access what and when, and places additional barriers around sensitive data. Once a user has been fully vetted through MFA and makes their way inside a network, their activities are confined to what they need to access to do their jobs and nothing more.
MFA isn’t perfect, and a skilled cybercriminal can still find ways to bypass it. However, MFA makes it much more difficult and time-consuming for hackers to make it through the front gates, and that’s usually enough to discourage an attack. Cybercriminals are mostly opportunists looking to turn a large profit in a short amount of time. When you make yourself a tougher target, they typically leave you alone.
How To Get Employees To Start Using (And Loving) MFA
It’s not like organizations haven’t tried to help users improve the security of their passwords. Even when businesses require password resets, many employees will only change a character or add a number. Plus, 61% of Americans are highly susceptible to phishing scams. No matter how strong and unique an employee’s password is, it doesn’t help if they give it away.
In a battle pitting convenience against security, people tend to choose convenience. Therefore, the key to making security measures successful is to make them so easy that people aren’t tempted to invent their own workarounds.
Fortunately, an easy, secure solution does exist, and it can work on any device or any app anywhere.
Easy MFA for Business
Duo by Cisco is a cloud-based solution that can be set up in mere minutes. Your IT staff will like the simple reporting tools as well as the ability to add users and devices quickly. But perhaps more importantly, your users will be able to choose the MFA method they prefer. Some methods only require a single tap, and the app will also look for any red flags before it authenticates someone.
At Marco, your cybersecurity is always top of mind. We’re always happy to find a solution that makes it easier for businesses to stay secure without reducing productivity or causing friction. Plus, as a Cisco Gold Partner, we can make sure you’re getting the very best deal and provide best-in-class support. If you’re interested in getting MFA for your business, let us know how we can help!