Microsoft has found that Multi-Factor Authentication (MFA) blocks 99.9 percent of automated cyberattacks on Microsoft platforms, websites, and other online services. As hackers continue to target user credentials and email accounts, we must be mindful of what we’re doing to protect ourselves.
But how do we bolster our defenses and employ better access controls? And what can we do to improve the security posture of our organization?
One defense to consider is Multi-Factor Authentication, which can be used to prevent a hacker from gaining full access to a network, even if a user's credentials become compromised.
What Exactly is Multi-Factor Authentication?
Multi-Factor Authentication is a cost-effective and simple way to close security gaps. It’s the process of a user or device providing two or more different types of proofs of control associated with a specific digital identity, in order to gain access to the associated permissions, rights and privileges.
These credentials fall into three categories:
- Something you know (like a password or PIN)
- Something you have (like a smart card)
- Something you are (like your fingerprint)
Why is MFA Important?
Multi-Factor Authentication enhances your organization's security by requiring your users to identify themselves by more than a username and password. While important, usernames and passwords are vulnerable to cyber attacks and can be stolen by third parties. Enforcing the use of an MFA factor like a thumbprint or physical hardware key means increased confidence that your organization will stay safe from cyber criminals.
MFA Best Practices
To start, organizations should conduct a thorough, comprehensive risk analysis across their network and infrastructure. This process will identify potential vulnerabilities in both protected information and authentication measures.
Next, create an inventory of all access points on the system, including where your employees, vendors, and contractors log in to the system. Every point of access is a potential threat to security and could allow hackers to find other channels. An analysis of where to protect your data is a great start.
It’s also important to consider your organization’s security needs to determine the right authentication for your specific purposes. Things to consider include the size of your organization, complexity, hardware, and technical infrastructure. This will help to determine the number and complexity of access points.
The last consideration is to evaluate the risk of the data that could be exposed at each endpoint and the amount of user friction you’re willing to have when considering MFA options for different endpoints. Think about implementing tools that assess user access behind the log-in page to determine who is logging in and from where. These checks occur behind the scenes and don’t add any friction to the user.
At the end of the day, no measure of authentication will cure all your security woes. However, strengthening credentials and making access more difficult for those without the right authentication can go a long way to closing network security gaps.
Source | https://www.microsoft.com/security/blog/2019/08/20/one-simple-action-you-can-take-to-prevent-99-9-percent-of-account-attacks/