Multifactor Authentication: How to Protect Your Business Beyond Passwords
Microsoft cloud services see 300 million fraudulent sign-in attempts every day. When security credentials are compromised, a data breach is only one login attempt away.
What can you do to protect your business?
The Problem with Passwords
Passwords should protect access to your critical applications. But the problem is that they can be cracked, stolen or even given away by accident. With passwords as your only protection, there’s still a high risk that a cyber criminal or hacker could access your systems.
What about long or complex passwords?
You often see suggestions for a minimum number of characters to make passwords harder to guess. Or using combinations of letters, numbers and symbols.
Longer and more complex passwords can slow down a hacker’s brute force attempt to guess the passwords for a specific account. In the same way that a 5-level mortice lock can delay a burglar trying to break in.
But for a determined cyber criminal, passwords don’t matter. That’s because they use many different techniques to attack businesses and access user accounts. If a hacker feels it’s in their interests to devote enough time and effort to get into your systems, a password won’t be enough.
Phishing is a common way to trick staff into handing over their passwords directly or through fake websites. It doesn’t matter how complex the password is, if the hacker can steal it your systems are compromised.
What can you do then to protect your business beyond using passwords?
How Multifactor Authentication Improves Security
To safeguard your business you need an extra layer of protection called Multifactor Authentication.
Multifactor Authentication is simply a way to verify the identity of the person who is trying to log into a system using many types of information. In other words, you use different ways to prove that you are who you say you are:
Something you know
This is a piece of information that’s known to the user. The most common type of information used for this security measure is a password. Personal information like ‘mother’s maiden name’ is also sometimes used.
Something you have
This is a physical device that the user has in their possession. The most common type of item is a phone. Knowing that a login attempt is being made from a trusted device indicates that the account is less likely to have been compromised.
Something you are
These are biometrics like a fingerprint or face scan. As these can’t be easily stolen or copied it adds even more depth to the security. UK passports have included biometric information for many years to prevent criminals from creating fake IDs.
With the use of these multiple dimensions of security, if one element is stolen or lost like a password, the other factors help to keep the user’s account secure. In fact, Multifactor Authentication is such a strong security measure that Microsoft has said it can prevent over 99.9% of account compromise attacks.
Businesses who want to improve their security can start using Multifactor Authentication with tools provided by Microsoft.
Multifactor Authentication with Office 365 platform (Azure AD)
Office 365 platform (Azure AD) is a cloud-based identity and access management service. It can act as the hub for whichever type of Multifactor Authentication you choose to use including text messages, phone calls, biometrics or one-time passcodes.
Microsoft also has a range of tools for businesses to authenticate with Office 365 platform (Azure AD):
This mobile app allows users to approve sign-ins to their accounts. It supports push notifications, biometrics, or one-time passcodes. With the Microsoft Authenticator, you can use it in addition to or in place of passwords with two-step verification. It allows every user with a mobile device to improve their security using the app.
Windows Hello for Business
Windows Hello allows you to avoid using passwords on Windows 10 devices while putting other strong security measures in place. It uses strong two-factor authentication (2FA) so a credential is tied to your device along with a PIN, a fingerprint, or facial recognition to protect your accounts.
SMS and Voice
In the same way that banks and other financial institutions send text messages and codes to your mobile phone, you can use them to keep your business safe. Office 365 platform (Azure AD) allows you to use SMS and voice as security measures alongside your passwords.
Protect Your Business with Multifactor Authentication
Passwords are no longer enough to keep your business safe from harm. However, Multifactor Authentication is a proven method for protecting your business using Microsoft technology.
Aindale helps many businesses to improve their security. For help to protect your business with Office 365 platform (Azure AD), give us a call on 01484 518899 / 01539 733288.