Posted: 24/06/20 by C4 Secure Ltd
Eight reasons you should turn to multi-factor authentication.
In a recent EMC and Vanson Bourne survey of more than 10,000 IT managers, 71 percent said they believe IT must serve as in-house brokers for on-demand services to help business growth. One imagines that, immediately after answering that question, they emitted a collective groan.
That’s because the IT manager’s plate is already heaped with a mountain of priorities. In addition to keeping the network up and running, and fulfilling the many competing requests from departments across the organization, they now need to think strategically about supporting business growth while also keeping security top of mind.
Admins have installed antivirus software, raised the firewall, deployed encryption technology, and periodically run vulnerability tests. But the sobering reality is that if multi-factor authentication (MFA) is not in place, these other security measures can be bypassed. A best practice for IT managers is to categorize their systems to identify the ones that contain access to business-critical data, and then add MFA on top of those. MFA has low complexity, which makes it an easy addition. It can be rolled out quickly without busting the budget.
IT complexity is a real and ongoing issue. Each change to the network has the potential to set off a chain reaction of tweaks and adjustments, which can irritate users and keep them offline. Since a streamlined authentication process keeps productivity (and morale) high, IT administrators should ensure that each new upgrade or addition affects access to critical programs as little as possible.
Advancements in remote access enable more and more employees to work from any location. The IT department is responsible for facilitating the ability of the remote workforce to perform its functions from outside the office environment, which means its authentication strategy must make it as easy as possible to safely access business applications from anywhere, at any time.
Using MFA, administrators can adapt the level of support needed using contextual information, such as login behaviour patterns, geo-location, and type of login system being accessed. For example, if the user is logging in from a trusted location where they have logged in before, they will not be prompted for a one-time passcode in order to authenticate. This allows end users the needed security with greater ease of use while working off-premise.
Eight reasons to support use of multi-factor authentication
These data points support the need for MFA:
1. Identity theft is an easy, low-risk, high-reward type of crime and a threat to all businesses. It is the fastest-growing type of crime and is now more profitable than drug-related crimes.
2. Weak or stolen user credentials are hackers’ weapon of choice, used in 95 percent of all Web application attacks.
3. From 2013 to 2014, the number of successful breaches went up by 27.5 percent. The malicious actors are winning the war.
4. Headlines tend to belong to the household-name companies, but they are not the only companies being targeted. Of all targeted attacks, 31 percent are aimed at businesses with fewer than 250 employees.
5. Anti-virus systems and advanced firewalls are necessary security elements, as are vulnerability tests. Without user authentication, though, the front door is wide open to intruders.
6. Password theft is constantly evolving as hackers employ methods like keylogging, phishing, and pharming.
7. Cyber criminals do more than merely steal data. Often they destroy data, change programs or services, or use servers to transmit propaganda, spam, or malicious code.
8. Employees are already accustomed to authenticating themselves in their personal lives, as providers of online services like home banking, gaming, social media, and email have all adopted mobile-based tools to effectively authenticate their users when accessing their systems.
Today’s IT administrators deal with pressures and demands from all sides, including the critical need for top-notch security. As cyber criminals morph their methods in ever-more clever and complex ways, admins must protect the network in such a way that access remains easy. Multi-factor authentication enables IT admins to rest a little easier, knowing that they have deployed a security strategy that protects the company’s platforms and users alike, thus reducing complexity while ensuring access and boosting the flexibility of remote workers.