SECURE OUR WORLD WITH MFA
This week we continue our journey with Cybersecurity Awareness Month by taking a look at the second best practice underpinning the Secure Our World theme, turning on multifactor authentication (MFA) on personal devices and business networks. Before we delve into MFA, remember that similar to ‘a dog is not just for Christmas,’ cybersecurity is not just for October. We always need it and it’s constantly changing. So, we should always be on guard, and all involved in helping people to become aware of ongoing security measures to protect themselves and their data online.
WHAT IS MFA?
When you log in to your online accounts, like email or social media, you’re basically proving you are you. Usually, this is done with a username and a password, but that’s not the safest way. Usernames are often easy to guess, sometimes just your email. And since passwords can be hard to remember, people tend to use simple ones or the same password everywhere. That’s why almost all online services, from banks to Facebook to Microsoft 365, have added a way to make your accounts safer. They call it Two-Step Verification or Multifactor Authentication, but they all work the same way. When you log in from a new device or app, you need more than just your username and password. You need a second thing, like a code or a fingerprint, to prove it’s really you.
WHEN DID MFA START?
MFA and its predecessor, two-factor authentication (2FA), have been part of our digital landscape for more than two decades. The origins of 2FA are still a subject of debate -the Dallas-headquartered American multinational telecommunications company AT&T asserts they pioneered it in the 1990s – but it wasn’t until the mid-2000s that 2FA started gaining significant traction. With the widespread adoption of smartphones in both personal and professional settings, a considerable portion of the population gained easy access to more user-friendly 2FA options for safeguarding their online accounts. The ability to readily receive authentication codes through SMS or email made the concept of 2FA much more appealing.
In early 2016, President Obama penned an editorial for the Wall Street Journal, emphasizing that relying solely on passwords was insufficient for safeguarding both individuals and businesses. He pointed out that 9 out of 10 Americans felt a loss of control over their personal data. As a response, the President introduced a new nationwide awareness campaign, #Turnon2FA, aimed at encouraging more Americans to enhance their online security. Soon after, smartphones began incorporating biometric authentication methods such as fingerprint scanning and facial recognition. This advancement further expedited the evolution of multi-factor authentication, enabling consumers and businesses to utilize a broader array of MFA techniques for enhancing account security.
HOW DOES MFA WORK?
In contrast to 2FA, which depends on only two authentication factors, MFA usually employs three distinct factors to confirm a person’s identity. These three factors include something you know, like the answer to a security question; something you have, such as a security code generated by an authentication app on your phone; and something you are, like your individual fingerprint. By having these three layers of authentication protecting your account, it becomes significantly more challenging for cybercriminals to impersonate you and gain unauthorized access undetected.
WHY IS MFA IMPORTANT?
While usernames and passwords are essential, they can be susceptible to brute-force attacks and are susceptible to theft by external entities. Enforcing the inclusion of an MFA element, such as a thumbprint or a physical hardware key, instills greater confidence in the organization’s ability to remain protected from cyber threats and unauthorized access.
DISADVANTAGES OF MFA
MFA provides businesses with significantly improved security compared to relying solely on passwords. However, it’s crucial to understand that even MFA isn’t a foolproof solution. For instance, if a user’s personal information has been compromised and is available on the dark web due to a data breach, hackers may find it easier to attempt unauthorized access to that person’s account. Additionally, malicious actors are known to gather personal information from public social media posts, which they can then use to gain insights and potentially compromise one of the target’s accounts.
Some authentication methods come with their own set of security weaknesses. For instance, in SIM swapping schemes, hackers can exploit vulnerabilities to access a person’s phone and utilize it for SMS authentication before the victim realizes what’s happening. If someone physically steals the victim’s phone, and it lacks additional security measures like facial recognition or fingerprint scanning, they could gain unauthorized access to the victim’s online accounts and potentially compromise sensitive business data with relative ease. Even biometric authentication can be susceptible to manipulation if the hacker possesses advanced tools, underscoring the need for ongoing evolution in MFA to maintain business security.
WE CRUSH YOUR RISK
Zhero’s Protect IT Better solution has been carefully crafted and developed to proactively nurture and build a sustainable cybersecurity environment giving your business a competitive advantage. Our advanced technology-as-a-service innovations include effective password management and MFA to keep your precious data safely under lock and key. Moreover, Protect IT Better uses holistic monitoring and reporting to ensure that you are always protected against all cyberattacks. Do you want to crush your IT risk with MFA? Of course, you do. Contact Zhero today and we’ll show you how to do it.