We often hear of confidential information being compromised, because of password and login breaches. Every 2 in 5 people, in the past year, have either had the much dreaded notification, had an account hacked, or a password stolen. For most organizations attacked, breaches caused by opportunist attacks were due to a weakness an attacker knew of and knew how to easily exploit. The most common being, weak password and stolen credentials that lack character variety and originality.
That is where Multi-factor Authentication steps in. MFA, for short, had been made available for Office 365 admin roles since 2013, and has since been introduced with an extended capability to any Office 365 user. Identity protection became a norm amongst users who have been exposed to phishing attacks, or know the consequences of compromised credentials. Businesses around South Africa have been quick to adopt towards a Password less Strategy and play their part in cyber security as a whole.
Multi-Factor Authentication (MFA) is a two-fold method of verification that’s made up of multiple authentication factors that ultimately present a challenge for attackers who try to break into secure networks. MFA is one of the most efficient and effective ways to increase your organizations security. With one time codes being a requirement in order to access Microsoft 365 – hackers find it significantly difficult to take over, even if they know your password.
Is multi-factor enough?
MFA increases the security of users logins for Cloud services with additional verification by means of acknowledgement via a phone call, text message with a One Time Pin (OTP) or an application notification on their Smartphone. Once the correct code is entered successfully, the user can sign-in with ease.
Sns Technologies recommends End user Baseline Policies that are put into place to protect all Office 365 users and requires users to register with MFA within a 14-day period. Once a user is registered, they are required to turn on Baseline Policies to activate MFA. Thereafter, MFA is required for administrative access for all users.
Second Factor Authentication can be facilitated in any of the following ways:
Call my mobile phone: Whereby the user receives a phone call that asks them to press a specific key on their phone. Once said key is pressed, the user can successfully be logged in.
Text a code to my mobile phone: The user receives a text message with a six-digit code that they may then enter into the portal as a One Time Pin (OTP).
Call my office phone: Serves the same purpose as “call my mobile”, however, enables the user to select an alternate phone in the event that they do not have their mobile phone with them.
Notify me through an App: The user configures a Smartphone App and receives a notification that they then need to confirm login. These Smartphone Apps are available for Windows Phone, iPhone and Android devices.
Show One-Time code in App: Using the Smartphone App mentioned above, the user starts up the App, enters the six-digit OTP provided by the App into the portal thus gaining access.
Why use Multi-factor Authentication?
Simplified login processes: The most significant benefit of MFA is the secured convenience that it allows with single sign-in processes. With the completion of the authentication process, you can easily gain access to everyday applications without needing to enter your extra credentials every time. Boosts your security efforts by requiring MFA for all users accessing Cloud based resources, including Office 365 services.
Increased flexibility and productivity: MFA helps to remove the burden of updating passwords and adding alternatives, thus boosting productivity. It enables a secure and convenient access route for remote users who access confidential client information.
Strengthens security: MFA strengthens overall security by mitigating the risks of social engineering attacks or phishing attacks by implementing the use of biometric and other verification elements.
It helps your customers IT department ensure a higher level of security for IT pro’s and administrators by adding a second layer of authentication when they log in.
Achieve compliance: By using MFA, you ensure that you take steps towards compliance that would support the constant protection of sensitive and critical data like your personal, financial and or business information.
These are security offerings available with easy adopting strategies and are part of the Office 365 managed experience at Sns Technologies.