What is Multi-Factor Authentication and Why Do We Need It?

Internet and device security is top of mind for most businesses these days. A steady rise in internet scams, phishing emails, denial of service attacks and security breaches from hackers poses a very real threat to digital security on a daily basis.

The standard verification method of a username and password for logging into apps, online accounts or to a VPN can be easily breached and stolen by a third party, even with password rotation enforced by your organisation. There are many tools in the cybersecurity toolbox that you can employ to combat cybersecurity risk, and Multi-Factor Authentication (MFA) is one that’s particularly effective and robust. But what is Multi-Factor Authentication, and why does your business need it?

What is Multi-Factor Authentication and Two-Factor Authentication?

Multi-Factor Authentication (MFA) is a security measure that requires someone to confirm their identity using two or more verification factors.

There are three verification types which you may be asked to provide:

• Knowledge based —where you are asked to provide information that only you know and entered into the online account during setup.
• Possession based—this is something that you have, like a YubiKey or a one-time password or code sent to your device.
• Inherent based —which is a characteristic unique to you, such as your fingerprint, retina scan, or voice recognition

Two-Factor Authentication (2FA) simply refers to the process of using two forms of verification before you can gain entry to an account or app.

The range of verification factors include (but aren’t limited to):

• An authenticator app, installed on a mobile phone to verify a desktop-based login.  There are several Authenticator Apps in use by financial institutions, software companies and other online services.  You download their preferred app to your smartphone, and when requested, enter the code on the app screen. It’s only available for a short time – so you have to enter the code before it lapses.
• A randomised pin or one-time-password (OTP) sent via email, text or voice call to your phone, tablet or watch.
• Biometrics, such as a fingerprint, retina scanning or facial recognition
• A physical token, such as a security badge, USB, smart card or fob
• AI methods such as location-based IP address checking

How does Multi-Factor Authentication deter hackers?

Much of our daily lives are spent on the internet, and we share and transmit a large amount of sensitive and personal data in the course of our digital interactions. Whether you’re using the computer for work or on your device for personal reasons, Multi-Factor Authentication is the most robust way to protect yourself, your devices and your personal information from cybersecurity threats.

As we need passwords for everything we do digitally – banking, email, online shopping, online courses, social media, websites, apps, etc – it’s unfortunately common to see people undermining password security by writing passwords down on notes, reusing passwords for multiple accounts or using the simplest passwords possible, like “123456” or “Password.”

Hackers steal passwords through phishing emails, online scams, phone scams and by scamming contact centre staff.   Phishing emails and ransomware can completely lockdown an entire organisation, if one user clicks a bad link and enters user credentials, or downloads a malicious executable file.

With Multi-Factor Authentication turned on, you’re adding an additional security layer between you and the hacker, making it near impossible for them to successfully access your account and steal your data, or worse – your identity.

Whilst it can be a little frustrating at times to be put through these verification steps – consider the consequences of your data and ID being stolen.

Last year, Australians lost more than $850 million to scammers, and payment redirection scams hit Australian businesses hard resulting in $128 million in losses.  This year has seen a 13% rise in scams so far.

Increasing security for personal and business accounts and transactions has never been more important – and Multi-Factor Authentication is the most robust way to safeguard your data.

How do we enable Multi-Factor Authentication?

For organisations using Microsoft Office 365 – Multi-Factor Authentication is available using Azure Active Directory (AD) as its authenticator. Additional factors such as Conditional Access and Trusted IP can be enabled and mandated depending on your enterprise licensing level, and be set-up, configured and managed in your organisation’s Azure Portal online. Other platforms and apps also provide MFA or 2FA, and we help our clients to set up the most appropriate levels for their needs, and train their staff.