Why and how you should use MFA to protect sensitive data
Multi-factor authentication (aka MFA, 2-factor authentication, 2fa and so on) is a highly recommended, additional layer of security for the user accounts that you use to access things such as your email, accounting system or corporate remote access. Even though it’s a very simple step, it can massively increase the level of security protecting your sensitive data. In fact, 99% of all attacks can be circumvented by enabling this free service.
Most people will already be familiar with MFA through their internet banking, and the requirement to enter a special code from a key-fob to authorise payments. Working with MFA on your user accounts is no different, and in fact can be even easier in some cases thanks to some clever technology from the likes of Google and Microsoft.
So why should I set up MFA?
1. MFA is free
You heard that right. In most cases MFA needs to be enabled separately for each system, and each user account, but as long as the system in question already supports MFA (which most of the main ones do) then it’s actually a very straight-forward process to enable MFA, and it won’t cost you anything.
For systems that do not natively support MFA, a third-party MFA solution may be required (that will likely cost), but thankfully more and more systems are natively supporting MFA, especially the newer cloud-based platforms.
2. MFA is super easy to use
If you are able to cope with entering a username and password, then you are perfectly well equipped to handle MFA as well. Most common platforms such as Xero and Microsoft Office 365 use clever apps on your phone such as Google Authenticator and Microsoft Authenticator to help with your MFA access. For example with MFA enabled on your Xero account you would simply enter your usual username and password, followed by a randomly generated code displayed by the Google Authenticator app on your phone. Easy as that.
Using the Microsoft Authenticator app to access your Office 365 services (eg: email) can be even easier. Simply logon with your usual username and password, at which point the app on your phone will pop up with a request to confirm access. Simply tap on the app to allow, and your computer will then successfully complete the logon process.
3. MFA is incredibly effective at increasing your security
You may have heard it said before, but digital security is like an onion – it must have many layers. Firewalls and antivirus protection are as critical as ever, but in many situations, they simply will not offer the type of protection that you need to keep your information secure. Multi-factor Authentication is an extremely effective method of protecting access to your user accounts, and the critical information and authority that they protect. Your computers may not be infected with a virus, but if a hacker were to gain access to your CFO’s email account, can you imagine the havoc they could wreak? This is where MFA shines.
How do I enable MFA on my user accounts?
Enabling MFA on your user accounts is usually free, super easy to use and extremely effective in protecting access. The question is not why you would enable MFA, but why in the world would you NOT enable MFA?
Put aside five minutes to write down all of the IT systems and platforms that your business uses, and then hit up Google to see if they support MFA. Now think about all of your users and which of them has access to anything important (most likely all of them, but at the very least think about executives, finance and HR) and imagine a malicious hacker with access to their accounts.
Alternatively, reach out to Indigo Unified Communications. We pride ourselves on making IT easy. Reach out on email@example.com or 0141 442 0202 and we will be able to assist.