Cybersecurity can seem overwhelming at times. There is a good chance your IT Provider provides some form of cyber security, so why should you have to learn about it?
IMedia's goal is to limit the impact of any one cybersecurity protection layer has on our clients. However, in some situations it does require buy-in from our client base. Multi-Factor Authentication (MFA) is a perfect example of this. MFA is one of the few protection layers that requires the user to participate.
What is Multi-Factor Authentication?
In the past, a username and password have been sufficient to protect your accounts. However, more data is ending up on the dark web and easily accessible to the bad actors.
MFA is a second form of authentication to login to your account, rather than just your password. As we explained on our blog Your 2023 Need-to-Know Guide to Cloud Security MFA is the equivalent of adding an electronic lock to your front door.
While this may sound cumbersome, we can make this easy.
After implementing the rule that all users must have MFA, users will be prompted to set up a second form of authentication.
There are multiple options to choose from:
- Authenticator App – Preferred Method
- Text code to cell phone
- Call their phone
- A USB Key can be used as a second form of authentication for organizations that either lack company-owned mobile devices or prefer not to have their employees use personal devices for authentication purposes.
The user will need to set up their preferred method and go through the prompts. The process is usually quick and easy, but we are here to help if they run into any roadblocks.
The Authenticator App:
An authenticator app is usually free and can be downloaded to an Apple or Android device. The user will be prompted to “add an account” and scan the QR code that is displayed on their computer screen. This will pair the app with their account.
User Experience
With MFA enabled, the user can now easily log in to their Microsoft 365 account but with significantly enhanced security on their account and your organization.
They will be prompted every single time they login to a new device. However, their primary device will be remembered so it will not prompt the user every time, making it less intrusive. The primary threat is login on a new device, which is why the policy is laxer for the daily/weekly use of the same computer.
The Benefits of Multi-Factor Authentication
There are few cybersecurity layers that have such a massive impact. According to Microsoft, 99.9% of account compromise attacks can be prevented with this enabled.
While it is impossible to completely prevent cyber-attacks on your Microsoft 365 account, MFA makes it significantly more difficult for the bad actor to gain access to your businesses Microsoft 365 accounts. With more data than ever moving to the Microsoft platform, MFA is no longer a recommendation but a requirement.
Microsoft has recently required MFA for all accounts, so it is best to get ahead of this change and start today.
If you need help getting MFA started for your business, please reach out.
