News of a successful cyber attack is almost a daily occurrence. Compromised credentials – stolen and/or weak passwords – were used in 81% of hacking-related breaches1.
Many organizations are turning to Multi Factor Authentication (MFA) to strengthen their credential requirements.
MFA requires users to use more than one piece of evidence to gain access to apps and systems. This is typically a combination of two or more items:
Most of us are familiar with being sent an additional access code to our phone when we try to access our bank from a new device. That is Two-Factor Authentication (2FA) and a simple approach to get started with MFA. According to Symantec, 80% of data breaches can be prevented with 2FA.
MFA significantly increases the difficulty of a hacker to penetrate your network. They can often figure out your password within minutes, but it isn’t likely that they will have both your password and your phone.
Adaptive MFA allows policies to be set that only require multiple authentication factors when access is attempted in an atypical situation, such as from a new device, at an odd time of day, or from an unusual location. This greatly enhances the user experience by not inconveniencing in a business as usual situation.
With over a decade of experience with mobile security, CTS is your partner in adopting MFA for your organization.
1 Verizon, 2017 Data Breach Investigations Report
Most users access 5-20 password protected applications per day. Security policies for hardened passwords can be proven burdensome to employees who must remember dozens of complex credentials. Password Management is expensive. Per Gartner, 20- 30% of help desk calls are for password resets; according to Forrester, those calls average $70 per request.
MFA does take a few extra moments to gain access and some users object to the inconvenience. Security training to stress the importance, MFA training to show them how to use the new authentication requirements and plus combining MFA with a single sign-on (SSO) initiative can help overcome objections.
You must devise a plan for emergency access in case an end users’ phone or security token is unavailable.
MFA deployments, like all new technology rollouts, require significant planning. MFA Configuration and Mobile Security are specialized skillsets that you may not require as a full time resource.
Additional layers of security decrease the probability of a successful breach as a hacker would need to have acquired multiple credentials from you, ie, have both your password and your phone.
Many regulations require MFA to achieve compliance. MFA enable achieving compliance requirements specific to your organization which mitigates audit findings and helps avoid potential fines.
Organizations can set flexible levels of security based on users’ roles and business needs. Various systems can have different levels of security.
MFA offers the opportunity to eliminate passwords altogether by securely authenticating users via other methods. By requiring MFA to log into your Single Sign-One (SSO) tool, users enter their multiple credentials once and access all of their apps without entering passwords for the balance of the day or the time frame you specify.
Users will have to enter multiple layers of authentication to access critical apps and your network.
Maintain your Active Directory, LDAP or Google Directory as the authoritative data source for authentication. We’ll provide turnkey authentication to your customer apps, leveraging social or cloud logins.
We’ll map out a directory of users assigned to roles.
© 2018 Complete Tablet Solutions. All rights reserved.