In today’s world, passwords are just not enough. Passwords are a pretty laughable method of authentication and can be acquired easily from some simple phishing. That is why a lot of companies are pushing to use Multifactor Authentication, or MFA for short. Multifactor authentication is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence (or factors) for logging onto a device, or program. Types of factors that are used are knowledge (something the user and only the user knows, such as a password), possession (something the user and only the user has, such as a hardware token or cell phone), and inherence (something the user and only the user is, such as a fingerprint).
Did you realize that you have most likely already used MFA in some form or another? For example, if you have swiped a bank card and entered a pin, or if you have logged into a website that sent a numeric code to your phone to gain access to an account. If you have done either of these you have used MFA. In most cases MFA is very simple to use. In the typical scenario, you would first enter your username and password, then you would use an authenticator app, or a token to gain access. See, that isn’t so bad!
So, what’s the big deal? Why is it so important to use MFA? MFA helps protect you by adding an additional layer of security. It makes it more difficult for bad guys to log in as if they were you. Your information stays safe because a thief would have to steal your password and your phone/token to gain access to it. If you are using a phone instead of a token device you most likely have the extra layer of protection already because most phones are set up to use a password or fingerprint to unlock it.
The other big question we face is when to use an MFA? The answer is simple…use an MFA whenever possible. Especially when you are accessing sensitive data such as your primary email, your financial accounts, and your health records. But you must take the initiative to turn it on! Below is a list of some of the companies that have good authentication software.
- DUO Security
- Google Authenticator
- Ping Intelligent Identity Platform
- RSA SecurID Access
- Google Security Key Enforcement
- Idaptive Next-Gen Access
- AuthPoint Multi-Factor Authentication
Currently at Preferred IT Group, we use DUO Security as our MFA. We also have clients who use DUO. DUO has a free and a paid version of their product. DUO is for organizations of all sizes. They secure access to your applications and data no matter where you or your users may be. We have found DUO to be user friendly and easy to work with.
We know that stopping all online crime is not realistic, but using an MFA will reduce your chances of having this happen to you. Please call us today to implement this extra security practice in your business.