An example of Multifactor Authentication (MFA) in the physical world are our safety deposit boxes in a bank vault located behind layers of protection. Why not allow your organization’s valuable digital documents equivalent security?
In SonicWall’s 2024 Threat Report the Number One Attack-Deterrent Is MFA
MFA Is Important in the Physical World
Should it Be Less Important in Our Digital Lives?
Complex, Locked Vaults and Double Keys
How would you feel about giving your valuable documents to a bank that only had a single lock on the bank’s outside doors? One lock might put off a less-determined intruder, but I’d expect it would be pretty easy for a burglar to figure a way past just one lock. So how would you expect a bank to responsibly treat your valuables? Not only would those outer doors have locks, there should also be a built-in cement and steel vault secured to the building’s structure to withstand destructive weather, fire and thieves, the vault’s lock should be complex to resist cracking, within the vault should be locked steel boxes that usually require two keys (one that you hold and one that the bank holds and authorizes its use after you prove your identity).
What is the relative value of what people keep so securely at a bank compared with the data an organization is trusted to protect? For example do you have digitized sensitive client information? employee information? prospecting information? financial information? information you would not want competitors to know? What would be the ramifications if these were stolen from you? Could this data, if it were leaked on the internet, cause your organization problems?
MFA Can Lock the Criminals Out of Your Business
MFA is like putting extra locks on your digital assets. It requires additional verification beyond a username and password, which are the easiest verifications to circumvent. MFA (sometimes also called 2FA or Two-Factor Authentication) adds layers of protection – if one factor is compromised, others remain intact, continuing to protect your data. MFA means a combination of two or more ways of proving an identity, like the PIN (something you know) and debit card (something you have) issued by a bank.
Types of MFA Factors
- Something You Know Passwords, PINs or security questions.
- Something You Have Cards, hardware keys or mobile apps generating temporary codes.
- Something You Are Biometrics like fingerprints or facial recognition.
As Ransomware Increases, MFA Lessens Its Threat
According to Bryley partner SonicWall’s 2024 Threat Report, malware attacks, including ransomware, have jumped 11% from last year. So how can MFA cut down on ransomware? Bryley partner Check Point has found that a now-common ransomware-attack vector is through compromised credentials of remote desktop software. But European law enforcement bureau Europol has conducted “investigations where ransomware criminals were monitored. In certain investigations, we saw them trying to access companies – but as soon as they would hit two-factor authentication in this process, they would immediately drop this victim and go to the next,” said Marijn Schuurbiers, head of operations at Europol’s European Cybercrime Centre (EC3).
“This is really crucial information that companies can use for their counter-strategies. Know that if you implement two-factor authentication for your systems in general – or maybe specifically, your crown jewels – you will significantly reduce your chances of falling victim to a ransomware group,” said Schuurbiers at a No More Ransom conference.
In spite of this, according to SonicWall, no country in the world has a majority of business employees using MFA. Denmark has the highest rate of adoption at 46%. But just 28% of US businesses have MFA for its employees.
Bryley partner Microsoft shows similar findings with just 22% of its enterprise customers implementing MFA. Microsoft also provides clear-cut evidence about the value of MFA when it revealed that 99.9% of compromised Microsoft accounts hadn’t had MFA enabled.
A Way to Get it Done
A bank’s safe deposit box is not a convenient way to store everyday items. It’s meant to be involved, employing several factors/proofs of authorization. In the digital environment we have been trained to expect immediacy; each generation expects this more. This is why MFA can be effectively coupled with a Single Sign-On experience that minimizes disruptions for employees. MFA is really not much of an impediment anymore that an organization should continue to be low-hanging fruit for the criminals.
To begin to find out if MFA and Single Sign-On is right for your organization, consider a complimentary 15-minute consult with Roy Pacitto, or contact Roy at ITExperts@Bryley.com or 978.562.6077 x2.
Lawrence writes about networking and security. He’s written for Bryley since 2015.
