Learn the 4 new features which will be coming to the Cloud throughout 2022, and what this means...Find out more
Multifactor authentication (MFA) is an authentication framework where the user is granted access to a resource or website, provided they can present two or more types of evidence for verification. These types must be from different authentication categories such as something you know, something you have, or something you are. This method is used in order to ensure the identity of the user trying to access the resource and prevent one compromised factor from causing a data breach – although one form of authentication like a password may have been compromised, it is unlikely that multiple factors have.
Given the security benefits of MFA from the reduced chance of a data breach, this authentication framework has been implemented by organisations worldwide, and is seen as industry best practice. It enhances your organisations security against malicious attackers and prevents breaches from the ever-increasing arsenal of hacking methods used to steal your credentials. These methods include credential-harvesting phishing emails, ‘shoulder surfing’, or virus’ that record your keystrokes.
It is not uncommon in highly secure environments to use more than 2 factors, as each additional factor further strengthens the security and further reduces the chance of a breach.
As said before, Multifactor authentication utilises a combination of authentication factors, with each being categorically separate, so using a password and a pin is not multi-factor, these are both things you know and would fall into the same credential category. Below is a list of examples of some types:
Something you Know – Knowledge that is not publicly available, known only to you
Examples – Password, Pin, Swipe Pattern
Something you Have – An item or device that you alone are in possession of
Examples – Key Fob, Authenticator App, Mobile pairing,
Something you Are – A unique physical characteristic of yourself
Examples – Fingerprint, retinal scan, face scans
While the need to improve password security is becoming more prominent each year, there can be resistance to its adoption, as the additional step of getting out your phone to type in a code gets in the way of signing in and delays your access. To some users it can be seen as more of an annoyance than a benefit, leading to lower implementation rates. The goal is not to add steps to make getting the information you need harder, just safer, and with this in mind, Multifactor authentication is also able to bring in aspects such as contextual information relating to the access request like the location of the user. For instance, if you are working in the office on the trusted office network, this can be taken into account and the additional factor for authentication may not be required. If an unknown overseas request was made for the resource however, this is unusual, and would require additional verification to prove identity.
While the data breach headlines tend to be of recognisable house-hold name companies, research has shown that 58% of cyber-attacks are aimed at business with less than 250 employees, and if successful, 60% of those companies will close within 6 months of the data breach.
With over 90% of breaches occurring from compromised credentials– a weak password, risky download or a click into phishing email attachment could be a lot more costly than you think.
If your business would like further support and guidance, contact us today: Contact (workplaceconnect.co.uk)
Review TextTestimonial #1
Review TextTestimonial #2
Review TextTestimonial #3
Stephen SawleyBeing partnered with WPC is a joy. Their level of service and turnaround is exceptional. As is every member of the support team that I am in contact with. Savvy support and great to work with!
Mark GWe have been using Workplace Connect for around 2 years now, and have found them to be a great company to work with. The change over from our last provider was seamless, and we have enjoyed an uninterrupted service since then. They are always available to assist with any enquiries, and deal with all matters promptly. I wouldn't hesitate to recommend them to other businesses.
Elliot AzimI have worked with this company for over 4 years and can safely say that the customer service is second to none. The staff go above and beyond to assist with clients and suppliers and are always very friendly and responsive. I would highly recommend Workplace to anyone looking for a quality IT partner.
For more resources, click the link below