According to Microsoft, “99.9% of cyberattacks can be prevented by using Multi-Factor Authentication(MFA).” Yet many organizations are slow to adopt this prevention technique.
We noticed a major shift happening at the end of 2021, where cyber insurers were beginning to require companies to use MFA or risk not having their policy renewed or rates increased dramatically. At IP Pathways we received a flurry of calls from businesses and organizations in the private sector, healthcare, and local government forced to add MFA to their security protocols.
MFA is one of the strongest lines of defense in your network.
The weakest security links in any organization are human users who are prone to make mistakes or bad decisions when it comes to security. By putting this layer of protection in place, you are essentially doubling down. The user and consequently, the attacker must get through two doors before gaining access to your network. The first door is the easy one and the one that hackers can open the easiest—a simple login and password. The second door is much more difficult to open. It requires an authentication code or phone call to your employee’s device that requires the input of a time-sensitive code to gain access.
Small and medium-sized companies often don’t think they are big enough to consider MFA. This is false. Small and medium-size companies actually have a bigger target on their backs because they are working with a smaller pool of IT talent to manage security protocols and there are fewer security programs and resources in place. Cyber-attacks can disrupt any size of business and they don’t discriminate. The data in your business is no less valuable and a disruption no less crippling when it happens to your organization versus a major player. We just hear about it more thanks to the media.
MFA works for any size organization and should be used for every employee.
When a hacker targets a company, they often target employees on the lower rungs of the organization’s ladder. Businesses may think it is acceptable to exclude lower-level employees from MFA because they don’t have access to critical data or information. This is the opening a hacker is looking for in order to infiltrate your network and find a way into your systems. Don’t make this mistake by only protecting high-level employees. It’s like shutting all the windows in your house except for one during a hurricane. It’s risky and potentially damaging.
Sometimes, companies think they will get blowback from employees about using MFA. This is another unfounded fear. Most end-users are using it on a personal level already when they log into their accounts at banks or with credit card companies. It takes less than thirty seconds to complete the MFA log-in process using most MFA solutions, making it a simple, easy-to-implement safeguard you can lean on to keep your organization safe.
We rely on MFA as one of the tools in our security toolkit at IP Pathways to keep our own network and data safe.
We recommend it to our clients because we use it ourselves, and it works.
With the increase in the number and severity of cyberattacks, it’s really a matter of when you will need to employ MFA and other security measures, not if you will.
We’re here to help. If you’re ready to protect your network from 99.9% of cyberattacks, then schedule a meeting with us now.