Anybody can crack a password these days. Multi-factor authentication (MFA) is the answer. By using more than one layer of security to access your data, you can keep your business safe.
What is MFA?
MFA, or multi-factor authentication, is the layering of security through two or more methods. Unlike single-factor authentication (SFA), which simply means entering a password, MFA works on the following three principles:
My business already has a strong password policy – why should I consider MFA?
MFA is now an essential component of cyber security.
Using a password alone is no longer a reliable method, regardless of its length or complexity. Cyber criminals now have the means to use software that tests billions of password combinations per second, based on words in the dictionary.
If your password is only 6 lowercase characters, then it can be cracked through this method almost instantly, but even a complicated password can still leave you vulnerable.
The concept behind MFA is complex, layered security – a hacker may be able to find out a password that you know, but they then also need to acquire something you own and something you are. Without all three (or more) factors, the account cannot be accessed.
MFA offers enhanced security and a simplified login process. Single Sign-On (SSO) authenticates the user through MFA during the initial login process. This allows universal access to all of the software that uses SSO, without the need for repeated entry of credentials.
You may be compelled to implement some form of MFA due to the European Commission’s introduction of Payment Services Directive 2, which came into effect on 13th January 2018. A key aspect of PSD2 is that two-factor authentication, as a minimum, is required to be in place by September 2019 for all electronic payments under €30 made online.
Won’t MFA be disruptive for my staff?
MFA can add an extra step for accessing services if Single Sign-On (SSO) is not available, but the increased security this offers your business vastly outweighs any minor inconvenience.
Regardless, MFA can now be implemented in a variety of ways:
Text – After successfully entering your credentials, MFA-via-text functions by texting a short code to your mobile phone. This ensures that only you can authorise account access.
Email – Similar to text authorisation, email MFA works by sending either a code or a verification URL to your unique email address. Presuming that you are the only individual with access to the email account, only you can activate the MFA code/URL.
Push Notification – Push MFA sends a notification to your chosen device, informing you that access has been made to your account. A push notification will typically have accept/reject options.
Authentication – Authentication tokens can be physical devices or software-based. They function by generating a unique code every 30 seconds. Entering this code after successfully entering your credentials provides a second line of defence and is unique to you.