Multi-Factor Authentication (MFA) can play an important role in keeping remote workers and corporate network secure During The COVID-19 Crisis.
Key Points:
- As employees go home to work by the millions, bad actors see a huge opportunity to hack into company networks.
- Most companies are not up to speed with multi-factor authentication, and so they face heightened cybersecurity risk.
- Research shows multi-factor authentication can help stop the majority of network compromises
The Covid-19 pandemic threatens business performance and continuity on so many fronts, by forcing employees suddenly switch to working from home.
Making matters worse, cyber criminals taking advantage of the crisis have caused a surge in phishing attacks that feed on people’s fears.
Companies that have not yet shored up their defenses against phishing with multi-factor authentication are particularly exposed.
Panicky workers suddenly isolated from their day-to-day secured environment can be lured to click through and share passwords and other data that can compromise your network and your business.
At the same time, employees’ expanding telework options are providing new attack points for targeted phishing that compromise entreprise cloud storage , remote access or collaborative platforms. With teleworkers increasingly blurring their personal and business use of mobile devices, phishing has also been growing in mobile messaging, productivity, social, as well as mobile email.
Let start by looking at the current use of authentication, we see that most systems use the combination of username and password as the primary form of authentication. This is based on the security system ‘something you know’, as all approaches for human authentication rely on at least one of the following:
- Something you know (e.g. a password).
- Something you have (e.g. a card or a mobile phone)
- Something you are (e.g. a fingerprint or iris of the eye)
When we talk about multi-factor authentication, we implement at least two of these principles in an authentication process.
Benefits:
- Firstly, it increases security. If one method is compromised, the second can act as a backup.
- Secondly, and potentially more importantly when we are talking about end-user behavior and adoption, is that the implementation of two factors in your authentication process allows you to be more lenient in the strictness and complexity of authentication parts.
One of the best things you can do is to turn on multi-factor authentication as the system is already included and free of charge in plenty of IT technologies including Office365 and G-suite.
Microsoft urged last year, saying that the technique can keep accounts from being compromised over 99.9% of the time. At the same time, Google’s research has found that two-factor authentication can stop 96% of bulk phishing attacks and 76% of targeted attacks.