A recent survey published by Microsoft found that 99.9% of compromised user accounts did not use multi-factor authentication (MFA). This is quite a compelling reason to use MFA, which is about confirming the user’s claimed identity by using a combination of at least two factors when signing into a service. This solution, however, gives you much more than you would think. By leveraging its flexibility and customisation options, you can provide a secure and practical system for your company. Zsolt Pótor, Senior Solution Sales Manager at Softline has shared his views on multi-factor authentication and the common myths around it.
Not Just for Banks Anymore
When talking about multi-factor authentication, we usually think of securing access to the company’s financial assets, but the possibilities are virtually unlimited. Due to the undoubted importance of your company’s data and information assets, access to these is critical in terms of security. Whether it’s about entering into internal communications channels (email, chat programs) or accessing a company database, each and every connection can increase the exposure of the organization. Our experts have several solution plans for these situations, offering support from planning through implementation to operating the system.
Well-Designed Solutions Without Lengthy Deployment
Many think that transitioning to multi-factor authentication takes several months to complete. Of course, the time needed to implement the system depends on several factors, but, thanks to our preliminary assessment, we will only secure those processes where MFA is actually required. This is important from several aspects, because for securing access to several systems concurrently, we will recommend compatible solutions to ensure that their implementation and operation will both pay off.
Practicality Instead of Time-Consuming Login
A common myth regarding multi-factor authentication is that once it has been deployed, the user must perform it for each login. In fact, this solution is also flexible and can be adapted to real-world requirements. For example, if the user needs to access multiple systems in a given timeframe then we can create a rule requiring the user to perform multi-factor authentication only the first time they log in during a session on the same computer. No further re-authentication will be required until the session expires. Similarly, we can also configure MFA to be required only when logging in from outside the network, so when on company premises, the user can access the data in a single step. The scenarios mentioned above underline both the essential nature of preliminary needs assessment and the rich opportunities offered by the system.
Starring IT–and Many Others
Although their access to databases and company information impacts how employees do their work, the preliminary assessment among users is often skipped. To implement and deploy a complex and well-working system, the involvement of other business departments of the company is essential. The time invested will really pay off, making it possible to get the system right first time, avoiding subsequent modifications. It is also important to provide additional support to users, whether in the form of online training or electronic tutorials—that’s why we offer comprehensive solutions extending to the period after the deployment as well. We will suggest the most efficient training format based on the various user levels.
Although the field of IT security is quite complex, selecting and combining the proper components allows an efficient and customizable system to be created. If you are interested in learning more about enterprise security, please read our expert’s previous article or contact us today!