5/15/2020
MFA is far superior to password-only protection when it comes to account security. The reason is pretty simple:
If you are trying to gain access to an account illegally, it’s much more difficult if you need to penetrate multiple layers of security.
Got their password? You still need their fingerprint. Got their company phone? You still don’t have their PIN code.
This is why so many businesses have switched over to MFA in recent years. But making that switch can be easier said than done…
Which is why we’ve brought together these key tips for overcoming challenges in your own MFA deployment.
MFA stands for Multi-Factor Authentication. In this case, a “factor” refers to a layer of security. It could be:
The goal is to ensure that no one can access an account without passing at least two layers of security.
One of the main obstacles to successful MFA deployment can be the very people your new layered security is designed to protect.
Some people don’t like change. Especially if that change feels as if it is imposed on them. Or if it might make their life even slightly more difficult.
That’s why, when you’re implementing new security measures, it’s always a good idea to explain to your team or user base:
You might consider creating a short explanatory video which guides your users in how to adopt the new measures. If you do, strive for clarity and simplicity above all else.
If you have a system of any real size, implementing full MFA is rarely as simple as flipping a switch.
It’s usually smart to do things in stages. You can start by conducting a full review of all the applications and systems you have in place to identify the best places to begin. These might be:
Having MFA in place will dramatically increase the protections around your sensitive data and critical systems. But it’s vital that your new protections don’t make it difficult for your team to do their jobs.
If they are trying to work while being bombarded by authentication requests, they are soon going to start complaining about the system. Or worse, be tempted to try to find some way to get around it.
Single-Sign-On (SSO) is often the best way to overcome this issue. SSO allows users to authenticate themselves once, for example on an individual device, on your network or in a web browser. It allows security levels to stay high while inconvenience to users is minimised.
Offering your users a choice of the factors they will use to authenticate themselves can help get people on board with the new measures.
Some of the more familiar options tend to include:
The human factor is often the security flaw that someone trying to gain illegal access to a system will try to exploit.
Support your MFA roll-out and minimise the risk of the human factor by:
Many MFA roll-outs fail because users are not given support.
You might have produced the clearest, most engaging educational video for your users. But even smart, well-educated users can make mistakes. Sign-ins can go wrong. Accounts can get locked out. Phones can get lost. Employees can leave the company (in all of these cases you should speak to your IT team).
Make sure there is a process in place to handle things which go wrong right from the start.
The challenges involved in MFA deployment lead many organisations to tread water rather than get things done.
But the protection Multi-Factor Authentication offers is a powerful motivator to progress. After all, you can’t put a price on your company’s information security.
By knowing what MFA is, by learning how to bring your users with you when you roll it out and by taking sensible steps like providing support when you do, you will be much more likely to overcome any challenges which appear along the way.
Let’s chat. Dial a Geek already helps Bristol-based businesses in every industry protect themselves in all things cyber.
You can reach us on 0117 369 4335 or by emailing [email protected].