Maximize your protection, eliminate business risks.
Optimize and modernize with cloud transformation.
Empower your people to work securely from anywhere.
What it takes to convince leadership that migrating to the cloud is the right move.
Let us handle IT so you can focus on growing your business.
Get multichannel 24/7/365 expert end-user support.
Stay ahead of attacks with 24/7 protection and monitoring.
Maximize uptime with with industry-leading DRaaS.
Improve efficiency, productivity and outcomes with cloud.
Ensure all mobile devices, everywhere, are secure.
Gain a competitive edge with strategic IT solutions.
This battle-tested checklist enables your team to swiftly initiate a ransomware response.
IT for businesses of all sizes, in any industry.
Empower institution growth with custom IT solutions.
Ensure your firm is always in compliance.
Improve patient care and staff morale.
Deal with pressing legal matters, not IT.
Keep up with the evolving digital landscape.
Focus on your mission by outsourcing IT.
Accelerate PE client deals and secure data.
Leverage your technology as a strategic asset.
Execute initiatives and develop IT strategies.
Get the latest industry insights and trends.
Join us at events in person and online.
Hear from clients and learn more about strategic IT.
See how Dataprise can make IT your greatest asset.
Get informative technical resources from IT experts.
Stay on stop of emerging cybersecurity threats.
Discover the key areas of DR your organization needs to address to ensure downtime is minimized.
Gain a strategic asset by bringing harmony to IT.
Ensure 24/7 support and security with dedicated teams.
Drive business forward by partnering with Dataprise.
Meet our one-of-a-kind leadership team.
Discover the recognition Dataprise has earned.
Help us help businesses with strategic IT.
Embracing different perspectives and backgrounds.
Find a Dataprise location near you.
Dataprise is committed to empowering more women to consider a career in technology.
Posts
Paul Reissner
Table of content
Who has access to your company’s network? At first glance, the answer may seem simple: your employees. However, if your business is one of many which does not utilize multifactor authentication (MFA) solutions, you may be unintentionally exposing your employees’ accounts to hacking attempts. In this article, we take a closer look at what MFA security is and why it is such an important tool in the digital age.
For readers who are unfamiliar with the concept, MFA is a method of authentication which requires users to provide one or more additional proof of identity besides their password. The goal of multi factor authentication solutions is to validate that the person logging is who they claim to be, and to prevent malicious hackers from authenticating into your network. It may seem irrational at first, but MFA is one of the most vital security improvements an organization can make, particularly those leveraging cloud services like Microsoft Office 365.
Google recently found that only 37% of Americans currently use MFA security, while according to Microsoft, 99.9% of Microsoft Enterprise accounts that get hacked do not use MFA. The correlation is clear: by challenging users to utilize more than one-factor of authentication, it’s unlikely that hackers will be able to obtain entry. These multiple factors can be separated into three specific categories; something you know, something you have, and something you are.
Most often, this is a password (or preferably, a passphrase), and your computer is challenging you to remember a string of characters to prove you are who you say you are. In concept, this should be the most secure method to prove your identity, since only you should know the correct characters and order to use. However, this method relies heavily on human memory, and it is technically possible for malicious software to correctly guess your password. It’s also easy for your password to be lost or stolen, including through a breach.
Passwords are commonly included as the first authentication factor in MFA, and as the only authentication factor for those who do not use MFA. It’s important to practice basic password hygiene:
Encourage your employees to practice these basic rules to ensure that accounts, especially those without a ‘second factor’ of authentication remain secure.
If you’ve ever received a code via Text Message (SMS) to log into an account or system, you’re authenticating using ‘something you have’. Other multi factor authentication solutions in this category include physical tokens (e.g., RSA tokens, Yubikey) and ID badges/fobs (commonly used for building access and especially prevalent in medical environments). These tokens are effective when used alongside ‘something you know’, as it’s unlikely that a hacker who has determined your password also has access to your smartphone or ID badge. However, many users are prone to lose, forget, or damage their phone or ID badge, and it can be time-consuming to provide a replacement. Your organization can take steps to help minimize the potential downsides to using ‘something you have’ for the second factor of authentication by considering the following:
Biometrics, such as fingerprint readers or facial recognition, have become commonplace as primary authentication methods for smartphones. It isn’t uncommon for enterprise-class laptops to also contain fingerprint readers and facial recognition systems that integrate into Windows. These systems often allow for more secure and efficient access when compared to a password but are most often applied as a single factor solution. As the title of this article suggests, we always recommend relying on multi factor authentication solutions, and a password is a good option as one of two or more factors used.
If you are already leveraging Microsoft 365 / Office 365, you likely have the appropriate licenses to use Microsoft’s built-in MFA security system. This system provides you with either SMS or an authenticator application using an interface that your users may already be familiar with, making it an ideal way to implement MFA. However, this built-in system only applies to your cloud services, not your desktop login. It provides essential security improvements in most instances, but it is not comprehensive, nor is it ‘one size fits all’.
Your organization will need to carefully consider where you would like to use mult ifactor authentication solutions and determine what solutions are supported right for your unique needs. There are many potential options, each with its own pros and cons, but any MFA system will greatly improve the security of the accounts within your organization.
Need help figuring out which MFA or managed cybersecurity solution is right for you? Contact Dataprise CYBER to get an expert opinion.
INSIGHTS
Subscribe to our blog to learn about the latest IT trends and technology best practices.