What is Multifactor Authentication?
What is Multifactor Authentication?
Did you know that elephants are one of the most protective animals on the planet towards their young? They only have one calf at a time typically, and carry for almost two years. When born, the mother receives help in protecting the calf, from all the mothers within the herd.
Octopuses, Orangutans and Kangaroos all have highly developed, differing but effective, ways of protecting their young. So, what can humans learn from that? It would appear quite a lot when it comes to our computers and IT stuff. We don’t appear to be very protective of the information we hold within them.
Experts estimate that there are some two million cyber attacks every day. Microsoft’s Defender anti-malware programme intercepted 35.7 billion phishing emails in 2021. The company’s Azure Active Directory detected and blocked more than 25.6 billion brute force attempts in the same year. According to its 2022 “Cyber signals report”, only 22% of businesses secure their data using MFA. Microsoft further reports that users who do not use MFA are ten times more likely to be cyber attacked.
Why should businesses use MFA?
One of the simplest tools for getting onto your network in a hacker’s tool kit, is the common all-garden password. Using password spraying techniques, cybercriminals use brute force login attempts, using usernames and common passwords to log onto your network.
123456 has been the most common password for 6 years in a row, with password and qwerty, in quick succession.
There are lots of hackers out there, all doing bad stuff. Cyber criminals are not young funky whizz kids, sitting in a dark room, guessing what your password is and, in a stroke of genius ‘guess right’. They employ computer programmes, to do the work for them, and cycle through multiple username and password combinations. Eventually, their efforts reward them with the information.
There are three key strategies that cyber criminals use to exploit human and security vulnerabilities to enter your business system:
Using your ill-gotten personal information, hackers will leverage the data stolen. They will apply for credit or debit cards, transfer funds, file fraudulent tax returns, use your health insurance, rent a house in your name, commit crimes using your identity, or seek a ransom for the information stolen, to mention only a few.
Recommended by LinkedIn
“Identity is the new battleground, but most are unprotected against attacks” Microsoft
Lock it, or lose it
So why is there such a low adoption of stronger IT authentication? Maybe it’s human nature. According to Aviva Car Insurance, only 77% of people lock their cars. It’s the same with mobile phones, only 1 in 5 users employ a screen lock on their smartphones. And when it comes to homes, it’s suggested that six out of ten people have left their homes unlocked as they go out. When it comes to IT, having information stolen is horrible, cyber criminals can wreak havoc on your business finances, its reputation and, on you.
Best practice for securing your IT data
When you sign into an account, typically you need to authenticate who you are. You will be asked for your username, or logon sign-in credentials. With MFA, you will then be asked for a second verification of your identity.
It’s essentially an additional password, a second security layer to prove who you are, and if you pass that verification, you can continue on into your network. This won’t happen just the once, whenever you need to enter your device/network, you’ll be asked to perform the same actions to enter, typically within a space of time.
The good news - along with MFA, there are lots of simple security solutions, that can be used in combination, to mitigate you and your business becoming a statistic.
Protect your business from online threats and always make password hygiene a priority. Remember, hackers are not the kind of criminals that give up. But, they might think twice if they see a herd of elephants.
At CNC we have a number of Security Services that help our customers protect their business from Cyber criminals. Please do not hesitate to contact us on 01273 384100 for further details or email sales@cnc-ltd.co.uk .