What is? : Multi Factor Authentication
What is Multi Factor Authentication? A guide to the reasons why MFA is so important, and best practices for using it
In business, time is important, and we usually steer clear of anything that slows us down. However, when it comes to multi-factor authentication, taking a few extra moments to sign in could really protect you and your business!
Multi-factor authentication (or MFA) requires using more than one method to verify your identity when accessing an account. Typically, a password serves as one method, but passwords can be guessed or compromised.
A password is considered 'something you know,' so the second component of MFA is usually 'something you have.' This might be a code sent to your mobile phone via text or call, or even a fingerprint or facial recognition scan.
By requiring both 'something you have' and 'something you know,' MFA significantly lowers the risk of unauthorized access to your account. Even if someone guesses your password, they would still need access to your mobile device to use a texted MFA passcode. Most smartphones require a passkey and/or biometric verification to view texts, even if the phone is stolen. For Microsoft 365, a separate authenticator app is used.
Like all IT security measures, MFA doesn't offer a 100% guarantee against unauthorized account access. However, it considerably reduces the risk, which is why we highly recommend enabling MFA for sensitive accounts, even if it means sign-in takes a few more seconds!
Take the following steps today to make sure that your business has the added protection of MFA:
- Confirm with your IT team that MFA is enabled on any account used for processing sensitive data, such as email, cloud storage and your CRM and accounting packages
- Educate your staff on the importance of MFA, and why the necessary log-in steps are so important
- Consider if some staff require different MFA policies to others. For example senior managers and those dealing with the most sensitive data should be prompted to re-authenticate more often
- Download a trusted authenticator app, such as Microsoft Authenticator or Google Authenticator, and add it to your browser of choice