One of the biggest objections to good cybersecurity practices from business owners is the imagined hit to productivity.
Luckily, the latest security measures don’t reduce your productivity. They boost it.
The combination of MFA (Multi-Factor Authentication) and SSO (Single Sign-On) gives you excellent security while streamlining your team’s workflows.
They aren’t complicated to put in place either. Here’s why you should get them implemented right now:
Modern distributed working – why you need to make it safe
In many modern workplaces, the norm is now distributed working. We’re talking remote or hybrid setups where some of your team work somewhere that isn’t in the office some of the time.
These setups are great for work-life balance. They can be excellent for productivity. And they can be completely sound for cybersecurity too – but they need to be thought out properly.
Because not every device your team uses is sitting behind the office firewall, safely physically protected inside the four walls of the office any more.
But getting all of the benefits of remote working is well worthwhile for most businesses. Making it safe shouldn’t be a chore. With MFA and SSO, it no longer is.
What is Multi-Factor Authentication?
You can think of Multi-Factor Authentication as a way to “log in” that requires you to have two or more ways of verifying your identity before you get access. It’s fast, it’s easy, and it’s effective.
There’s no doubt you’ll have seen it in your personal life. Any time you get a one-time password sent to your mobile before you can log in to something, that’s MFA.
But the range of what are called “identity factors” you can use (or you can have your team use) to verify their identity is actually pretty wide. They include:
- Something you know (like your password)
- Something you are (biometric, fingerprint)
- Something you have (your phone for a one-time password)
What is Single Sign-on?
Single Sign-On can best be imagined as a single log-in system that works for all the applications and systems you and your team need to use during the course of the working day.
With SSO, there’s no need to log in once for your email account, again for your collaboration tool, and again any time you use that project management app.
Instead, SSO stores the sign-in credentials you used the first time in a central place and sends them out whenever you would normally need to log in again.
If you’ve seen options around the internet to “sign on with Facebook” or “sign on with Google”, this is Single Sign-On in action.
This offers surprisingly good savings in terms of workplace time and productivity. But SSO is great for cybersecurity too because:
- People are more inclined to create a very strong password if they only need one
- Only logging in once eliminates risky tactics sometimes used to avoid logging in again
- People remember one password better, so you get fewer password reset requests wasting expensive IT department time
How to implement MFA and SSO
The best way to ensure your in-office team can get to work as quickly as possible while giving your remote working team an extra level of security checks to prove that they’re themselves is called “conditional access”.
Conditional access policies let you set “conditions” that require additional verification steps. Things like:
- Being in a different location than normal
- Using a different device than normal
- Logging in at a different time than normal
This means that if a given team member is working from home during office hours using their work laptop, they probably don’t need an additional layer of identity checking. If they’re working somewhere else on an unknown device at a weird time, they probably do.
The tools you can use to implement MFA and SSO include:
- Microsoft Azure’s Entra ID – formerly called Azure AD, you can use this to set conditional access policies like those above.
- Windows Hello for Business – enables fingerprint and facial recognition, replacing password identity factors with different ones.
- Microsoft Authenticator – this offers a range of options for identity checking, including SMS messages.
But whichever method you choose, implementing SSO and MFA is the best way to maximise your team’s productivity without compromising your cybersecurity.
It’s time to get your in-house IT team or your Managed Service Provider to get on the case.
Looking to safeguard your business’s sensitive data while maximising productivity?
Let’s talk. Dial A Geek has already helped over 1000 businesses in and around Bristol get the best from their technology.
Reach out to us today. Set up a cost and commitment-fee chat with Chief Geek Gildas Jones about your business objectives.