News of a successful cyber attack is almost a daily occurrence. Compromised credentials – stolen and/or weak passwords – were used in 81% of hacking-related breaches1.
Many organizations are turning to Multi Factor Authentication (MFA) to strengthen their credential requirements.
MFA requires users to use more than one piece of evidence to gain access to apps and systems. This is typically a combination of two or more items:
- Something you know (ie, a password)
- Something you have (ie, a mobile phone)
- Something you are (ie, a fingerprint)
Most of us are familiar with being sent an additional access code to our phone when we try to access our bank from a new device. That is Two-Factor Authentication (2FA) and a simple approach to get started with MFA. According to Symantec, 80% of data breaches can be prevented with 2FA.
MFA significantly increases the difficulty of a hacker to penetrate your network. They can often figure out your password within minutes, but it isn’t likely that they will have both your password and your phone.
Adaptive MFA allows policies to be set that only require multiple authentication factors when access is attempted in an atypical situation, such as from a new device, at an odd time of day, or from an unusual location. This greatly enhances the user experience by not inconveniencing in a business as usual situation.
With over a decade of experience with mobile security, CTS is your partner in adopting MFA for your organization.
1 Verizon, 2017 Data Breach Investigations Report
Challenges
Password Management
Most users access 5-20 password protected applications per day. Security policies for hardened passwords can be proven burdensome to employees who must remember dozens of complex credentials. Password Management is expensive. Per Gartner, 20- 30% of help desk calls are for password resets; according to Forrester, those calls average $70 per request.
End user Objections
MFA does take a few extra moments to gain access and some users object to the inconvenience. Security training to stress the importance, MFA training to show them how to use the new authentication requirements and plus combining MFA with a single sign-on (SSO) initiative can help overcome objections.
Backup Options
You must devise a plan for emergency access in case an end users’ phone or security token is unavailable.
Lack of Bandwidth
MFA deployments, like all new technology rollouts, require significant planning. MFA Configuration and Mobile Security are specialized skillsets that you may not require as a full time resource.
Benefits
Security
Additional layers of security decrease the probability of a successful breach as a hacker would need to have acquired multiple credentials from you, ie, have both your password and your phone.
Compliance
Many regulations require MFA to achieve compliance. MFA enable achieving compliance requirements specific to your organization which mitigates audit findings and helps avoid potential fines.
Flexibility
Organizations can set flexible levels of security based on users’ roles and business needs. Various systems can have different levels of security.
User Experience
MFA offers the opportunity to eliminate passwords altogether by securely authenticating users via other methods. By requiring MFA to log into your Single Sign-One (SSO) tool, users enter their multiple credentials once and access all of their apps without entering passwords for the balance of the day or the time frame you specify.
CTS MFA Configuration Services
Security
Users will have to enter multiple layers of authentication to access critical apps and your network.
Identity Data
Maintain your Active Directory, LDAP or Google Directory as the authoritative data source for authentication. We’ll provide turnkey authentication to your customer apps, leveraging social or cloud logins.
Role & Privilege Identification
We’ll map out a directory of users assigned to roles.
Training
- IT administrators will be able to manage your MFA implementation into the future.
- End users will understand how to apply their credentials and access their apps.
Complimentary MFA Consultation
Add layers of protection to your mobile security
© 2020 Complete Tablet Solutions. All rights reserved.