linkedin  twitter  facebook  email-3

Step up your data security with MFA

Find me on:

Multifactor-authentication-passwordsMost often, a hacker doesn't want access to your data so they can use it for anything in particular.  They really only want access so they can stop YOU from accessing it. This loss of control on your part is what's most lucrative to them. If you want your access back, you need to pay up. It's as simple as that.

It's common knowledge that the best way to stay in control of your data is with strong password protection. Our post from earlier this year outlines the complexity you should factor in, but there's another layer of protection readily available to ensure hackers are as far removed from your data as they possibly can be: multi-factor authentication (MFA).

MFA requires that you apply more than one method of authentication when you log in to access securely stored data.
There are 3 types of authentication that can work together to verify you before allowing you to log in:

  • The first type is usually a password, but it could also be a PIN or an answer to a question. Either way, it's something private that you (and only you) should know the answer to
  • The second type is something that holds information and tends to be a material object - a phone, access swipe card or credit card are good examples
  • The third type relies on your physiology - a biometric like your fingerprint, face, voice or retina

How does MFA work?

The most common type of MFA combines the first two factors outlined above. An example is the easiest way to explain:
When you try and log in to a service or system with your email & password (the first factor) , the login attempt automatically triggers the second factor - a text is sent to your mobile phone with a one-time numerical code. Enter this code when prompted on your login page, and you'll be granted access. 
This is why MFA is such a powerful way to protect your data... even if a hacker knows your username and password, it's highly unlikely they have access to your mobile phone where the second authentication factor was sent. Without both, they can't get access. Game over. 

It's important to note that this type of MFA needs to be an available security setting within the system or service you subscribe to. Where it is available, you usually have the option to activate it in the settings for your account. We highly recommend you do this wherever it's supported. 

In relation to biometrics, many laptops and devices have built-in components that can scan a fingerprint or facial features before access is granted. While not as widely applied yet, we're likely to see this this type of authentication grow in popularity over the next few years as product improvements evolve & users continue to upgrade their hardware.

Authenticator apps

Considered more secure, authenticator apps are becoming a popular second factor alternative to receiving a text on your mobile device. The app produces a random numerical code. You 'approve' or 'allow' the code to be applied and your access is granted. Some examples are Microsoft Authenticator, Google Authenticator, Authy and DuoMobile. We're even starting to see banking institutions introduce their own authenticator apps for their customers. 

Are you more secure with MFA?

While you will never be 100% secure, the combination of more than one authentication factor will make it much harder for someone to log in successfully with your credentials. Your account is a harder target for a hacker (they love complacency) and so they're more likely to move on and target someone else.

The final (pass) word

While MFA will go a long way to protect you, continue to regularly update your passwords too. It's the combination of the two factors that protect you best, so make sure you don't forget to change them every 90 days at least. Check out our list of tips for updating passwords.

If you have any questions or would like some help establishing MFA in your team, please feel free to email us or call 4254 5444 at any time.

 

Subscribe to our blog to receive regular articles