Imagine if no matter how well protected your computer systems are, there was yet another level of protection? One which involves specific factors particular to the user, which they can use in addition to a strong password? With multi-factor authentication (MFA), you have yet another defense against bad actors seeking to infiltrate your network. Read on to learn more about this relatively new technology.
MFA: An Extra Layer of Protection
Passwords used to be enough. However, with bad actors looking for—and finding—ways to get into your network, multi-factor authentication (MFA) is a technology that is gaining ground. The most common type of this validation is two-factor authentication, in which a second method (additional factor of verification) is used to validate your account. For example, using a password (one factor) and text message with a code (second factor). The use of two different factors enhances security the way a single factor can’t. These details are not ones a bad actor will know, so even if they access the system using your password, they cannot go any further. An introductory article from the National Institute of Standards and Technology (NIST) cites studies that indicate that users of MFA feel much more secure than with their passwords alone. Two-factor authentication is a subset of MFA and is adequate; using more than two factors provides even more protection.
Applications to Core Systems and the Cloud
With technology continuing to grow, threats follow closely behind. How do you keep “bad actors” from accessing your network, the backbone of your IT infrastructure? Some attacks, like ransomware-as-a-service, allow a cyber criminal to simply log in to a site, configure their attack, and distribute already-written malware to their victims. Multi-factor authentication can mitigate the risk of bad actors getting in, providing another “gate” that they can’t get through. When accessing your network away from the office, MFA keeps your network safe, as well as restricting criminals’ access to your data and applications in the cloud. Not only does MFA protect your system, it protects those who use it.
Gone are the days when a password alone protects a user—or even a whole network—from those seeking to steal and exploit data. To learn more about establishing multi-factor authentication for an extra layer of protection, contact our trusted technology advisor today.
October is National Cybersecurity Awareness month, a “collaborative effort between government and industry to raise awareness about the importance of cybersecurity, and to ensure all businesses have the resources to be safer and more secure online.” This year, according to the US Department of Homeland Security, the emphasis is on a proactive approach. Read on to learn more about various aspects of cybersecurity.
Develop Awareness of Current Security Threats
The more technology advances and expands, the more places an attack can occur. Cybercriminals are growing more clever and resourceful, and know how to insert malware, or a bot that can mimic human activity. There are also phishing schemes, wherein an attacker can send an email persuading an unwitting employee to share confidential data. Weak spots in a network are subject to exploitation as well. Many companies, according to CompTIA, think that security is “good enough,” and haven’t yet dedicated much of their budget to maintaining cybersecurity. However, your business doesn’t have to be one of them. There are steps you can take, starting with an assessment of your network’s security.
Take an Inventory of Current Protections
What is your current level of security? Take stock of your business’s protection, starting with the computer network. Are there any weak spots or vulnerabilities needing to be patched? Make sure that you have the most current operating system patches. Also ensure that your antivirus and anti-malware definitions are current, to block attackers from infiltrating your system. Map all devices connected to your network, including ones operated by staff working remotely to make sure that those points are safe. Do your employees know the best practices for keeping safe while working online?
Make Employees Your Most Important Asset
Not only should devices be secured from unauthorized access, your employees should know—and practice—skills that will keep them and you safe from cyberattack. Phishing schemes are designed to persuade unwitting individuals to provide confidential data to attackers. Train them to know what a phishing attack looks like; clues include misspellings in the heading as well as an urgent “call to action.” Other solid practices include establishing strong passwords as well as changing them regularly. Multi-factor authorization (where the user enters information that only they know) can provide an additional layer of protection. Emphasize to your staff that protecting themselves also protects your business.
As technology evolves, cybercriminals will keep pace in exploiting it. To learn more about how to keep your network safe and healthy, contact your trusted technology advisor today.