Operations & resources

Why should we use multi-factor authentication?

In a recent EMC and Vanson Bourne survey of more than 10,000 IT managers, 71% said they believe IT must serve as in-house brokers for on-demand services to help business growth. One imagines that, immediately after answering that question, they emitted a collective groan.

That’s because the IT manager’s plate is already heaped with a mountain of priorities. In addition to keeping the network up and running, and fulfilling the many competing requests from departments across the organization, they now need to think strategically about supporting business growth while also keeping security top of mind.

Administrators have installed antivirus software, raised the firewall, deployed encryption technology, and periodically run vulnerability tests. But the sobering reality is that if multi-factor authentication (MFA) is not in place, these other security measures can be bypassed. A best practice for IT managers is to categorize their systems to identify the ones that contain access to business-critical data, and then add MFA on top of those. MFA has low complexity, which makes it an easy addition. It can be rolled out quickly without busting the budget.

Streamlined access

IT complexity is a real and ongoing issue. Each change to the network has the potential to set off a chain reaction of tweaks and adjustments, which can irritate users and keep them offline. Since a streamlined authentication process keeps productivity (and morale) high, IT administrators should ensure that each new upgrade or addition affects access to critical programs as little as possible.

Advancements in remote access enable more and more employees to work from any location. The IT department is responsible for facilitating the ability of the remote workforce to perform its functions from outside the office environment, which means its authentication strategy must make it as easy as possible to safely access business applications from anywhere, at any time.

Using MFA, administrators can adapt the level of support needed using contextual information, such as login behaviour patterns, geo-location, and type of login system being accessed. For example, if the user is logging in from a trusted location where they have logged in before, they will not be prompted for a one-time passcode in order to authenticate. This allows end users the needed security with greater ease of use while working off-premise.

Eight reasons to support use of multi-factor authentication

  1. Identity theft is an easy, low-risk, high-reward type of crime and a threat to all businesses. It is the fastest-growing type of crime and is now more profitable than drug-related crimes.
  2. Weak or stolen user credentials are hackers’ weapon of choice, used in 95% of all Web application attacks.
  3. From 2013 to 2014, the number of successful breaches went up by 27.5%. The malicious actors are winning the war.
  4. Headlines tend to belong to the household-name companies, but they are not the only companies being targeted. Of all targeted attacks, 31% are aimed at businesses with fewer than 250 employees.
  5. Anti-virus systems and advanced firewalls are necessary security elements, as are vulnerability tests. Without user authentication, though, the front door is wide open to intruders.
  6. Password theft is constantly evolving as hackers employ methods like keylogging, phishing, and pharming.
  7. Cybercriminals do more than merely steal data. Often, they destroy data, change programs or services, or use servers to transmit propaganda, spam, or malicious code.
  8. Employees are already accustomed to authenticating themselves in their personal lives, as providers of online services like home banking, gaming, social media, and email have all adopted mobile-based tools to effectively authenticate their users when accessing their systems.

Security’s sanity-saver

Today’s IT administrators deal with pressures and demands from all sides, including the critical need for top-notch security whilst balancing this with convenience. As cyber criminals morph their methods in ever-more clever and complex ways, systems administrators must protect the network in such a way that access remains easy. Multi-factor authentication enables IT administrators to rest a little easier, knowing that they have deployed a security strategy that protects the company’s platforms and users alike, thus reducing complexity while ensuring access and boosting the flexibility of remote workers.

Free consultation (worth £300) – eliminate passwords without compromising data security – BOOK NOW to find out how

Originally posted 2020-10-07 11:20:05.

Bharat Panchal
The Business Bulletin

Don't miss out...

Enter your email address to ensure you receive the next edition of The Business Bulletin as it is published.

Bharat Panchal

After 30 years working in IT, Bharat decided to focus on helping businesses by offering the RSA SecurID® Suite which uses identity insights, threat intelligence and business context to provide secure access to all their users, across all their applications. Still traditional IT resellers, offering services and support in all IT matters however, what he actually does is deliver peace of mind to end-users and to management. With Bharat's help firms don’t need to worry about contravening strict rules on data access and GDPR regulations or about loss of data due to malicious attacks or plain forgetfulness.

Why should we use multi-factor authentication?

by Bharat Panchal Time to read: 2 min