HELP DESK Support – (678) 387-5715

  IT Services – (678) 387-5717

JETT News

Multi-Factor Authentication

Multi-Factor Authentication: The Security “Option” that Isn’t Optional

With 61% of data breaches involving lost or stolen credentials such as passwords, the evidence is overwhelming that simple password authentication is inadequate for any business serious about security. Any Internet-connected company that takes this approach may already have been compromised by adversaries seeking to steal information or resources of value.

Multifactor authentication (MFA) provides companies with an effective, affordable security mechanism to overcome the weaknesses of knowledge-based authentication such as passwords. It adds a critical layer of protection to network, application and data assets in an increasingly dangerous and sophisticated threat environment. When organizations combine passwords with secure physical devices and/or biometric credentials, they insulate themselves with a strong layer of security that helps protect against password theft.

The ABCs of MFA

With MFA, authentication is generally accomplished by validating one of three factor types:

  • Something users know (such as a password),
  • Something they have (such as an ID card), and
  • Something they are (such as their fingerprint; e.g. biometrics).

To achieve MFA, the firm must require personnel to use two or more of these factors. Some choose to take MFA a step further by sending tokens to a device associated with the individual requesting access, such as their password-protected mobile device, or by having tokens expire if they are not used for access within a specified time.

Recent advances in MFA, such as authentication via a pop-up window on a user’s smartphone, make MFA even easier to use and manage. It also increases personnel satisfaction, which makes it much less likely workers will try to circumvent security protocols.

The Threats Are Real and Are at Your Door

We have spoken with business leaders who discount the dangers to their firms. They think their data isn’t “important” enough to steal, or that they are too small to offer much value. Nothing could be further from the truth. Although large companies may offer more in terms of their “data trove,” they are also much more likely to have implemented stringent security measures.

Consequently, most cybercriminals are equal opportunity offenders. They’ll attack everyone and gladly walk through the doors of those business leaders and IT managers who leave them open. Furthermore, despite decades of effort by organizations to insulate themselves against security risks, there’s no shortage of tactics being launched to penetrate their defenses.

From malware and hacking to phishing, these tactics frequently lead to account compromise and credential theft. Increasing this danger are outside security concerns, such as expanding the user base to include non-employees, such as third-party contractors.

The experts at JETT possess decades of experience helping organizations of all sizes ensure they are using appropriate security controls, including MFA, and that their security posture complies with all applicable mandates. For a complimentary discussion of your current security approach and how you might want to strengthen it, request a consultation at https://jettbt.com/contact-us/.

Pro Tips from the JETT Experts

  1. Enable user-friendly factor types with strong security
    Giving users access to mobile app authenticators, push notifications, biometrics and other highly secure options simplifies the end-user experience and increases the value of MFA.
  2. Plan and provide for a variety of access needs
    Using a mechanism such as Windows Hello as the second factor in MFA addresses scenarios where users may not have Internet access, such as on a plane or in the interiors of concrete structures. It also makes it nearly impossible for someone to steal MFA credentials.
  3. Review compliance requirements carefully
    Most IT compliance standards such as PCI DSS, SOX and HIPAA mandate strong security controls, and they are not the same for each standard. If your firm must adhere to one of these standards, having a detailed understanding of the requirements will enable you to tailor configuration and policies to align with them.

Recent News

Protect Your Data

Why It Is Important to Protect Your Company’s Intellectual Property

Are You Doing Everything You Should to Protect Your Company’s Intellectual Property? Data Loss Prevention (DLP) is an information security tool that can detect and …

Read More →
Insider Threat

Have you Assessed a Potential Insider Threat to Your Business?

It’s nothing new.  Confidential information, sensitive financial records, critical customer data, and intellectual property are core assets for any successful business.   Protection of these assets …

Read More →

The 2020 Bulldog 100 Includes JETT Business Technology

For the second year in a row, JETT Business Technology has been named to the Bulldog 100.  This year JETT was named to the distinguished …

Read More →

Access and Data of Your Remote Workers – Is It Secure?

Providing safe and effective protection for remote workers is not a new topic. But today, more than ever, this is a key priority of all …

Read More →
Scroll to Top