Multi-Factor Authentication: Be Sure It’s as Flexible as It Is Secure

Member News

With organisations moving more resources and operations to the cloud, and work and commerce happening just about anywhere there’s an internet connection, the challenge of securing access is growing.

Securing access to data, applications and other resources is a lot tougher when someone seeks access from beyond the traditional network perimeter – and in today’s digital world, that’s increasingly the case. This makes the case for stronger authentication, and makes multi-factor authentication (MFA) a must. Your organisation needs MFA that not only provides security, but also makes it easy to adapt to different user needs and to how you change and grow. Strike the right balance by keeping these principles in mind:

The more ways to authenticate, the better for everyone

Look for a single MFA solution with a range of ways to authenticate users – no matter who they are, where they’re working or what kind of device or OS they’re using. For example, mobile-based facial recognition may be great for sales teams who rely on smartphones for access, but a FIDO (Fast Identity Online)-based security key is better for people working in secure environments where access to mobile devices is restricted. And if you’re contemplating extending authentication to customers, too, you’re likely to encounter an even greater variety of needs and preferences.

Wherever the cloud takes you, your MFA solution should go with you

Every organisation is on a cloud journey of some kind, but every cloud journey is different. For every company that’s betting everything on the cloud, there’s one that’s getting there one methodical move at a time. The right MFA solution is the one that’s right for wherever you are in your cloud journey now, and also for wherever that journey takes you. Make sure the solution you choose scales along the way, with no rip-and-replace surprises or other disruptions.

Authentication anywhere should be just that, even without an internet connection

The frustration of trying to get access to resources when there’s no way to connect to the internet affects everyone – from the users or customers who can’t connect with the resources they need, to the organisations that lose productivity or revenue because of the inability to connect. Choose MFA that works seamlessly, even when the person who’s authenticating is completely disconnected from the internet.

In a recent EMC and Vanson Bourne survey of more than 10,000 IT managers, 71 percent said they believe IT must serve as in-house brokers for on-demand services to help business growth. One imagines that, immediately after answering that question, they emitted a collective groan.

That’s because the IT manager’s plate is already heaped with a mountain of priorities. In addition to keeping the network up and running, and fulfilling the many competing requests from departments across the organization, they now need to think strategically about supporting business growth while also keeping security top of mind.

Admins have installed antivirus software, raised the firewall, deployed encryption technology, and periodically run vulnerability tests. But the sobering reality is that if multi-factor authentication (MFA) is not in place, these other security measures can be bypassed. A best practice for IT managers is to categorize their systems to identify the ones that contain access to business-critical data, and then add MFA on top of those. MFA has low complexity, which makes it an easy addition. It can be rolled out quickly without busting the budget.

IT complexity is a real and ongoing issue. Each change to the network has the potential to set off a chain reaction of tweaks and adjustments, which can irritate users and keep them offline. Since a streamlined authentication process keeps productivity (and morale) high, IT administrators should ensure that each new upgrade or addition affects access to critical programs as little as possible.

Advancements in remote access enable more and more employees to work from any location. The IT department is responsible for facilitating the ability of the remote workforce to perform its functions from outside the office environment, which means its authentication strategy must make it as easy as possible to safely access business applications from anywhere, at any time.

Using MFA, administrators can adapt the level of support needed using contextual information, such as login behaviour patterns, geo-location, and type of login system being accessed. For example, if the user is logging in from a trusted location where they have logged in before, they will not be prompted for a one-time passcode in order to authenticate. This allows end users the needed security with greater ease of use while working off-premise.

8 reasons to support use of multi-factor authentication

These data points support the need for MFA:

  1. Identity theft is an easy, low-risk, high-reward type of crime and a threat to all businesses. It is the fastest-growing type of crime and is now more profitable than drug-related crimes.
  2. Weak or stolen user credentials are hackers’ weapon of choice, used in 95 percent of all Web application attacks.
  3. From 2013 to 2014, the number of successful breaches went up by 27.5 percent. The malicious actors are winning the war.
  4. Headlines tend to belong to the household-name companies, but they are not the only companies being targeted. Of all targeted attacks, 31 percent are aimed at businesses with fewer than 250 employees.
  5. Anti-virus systems and advanced firewalls are necessary security elements, as are vulnerability tests. Without user authentication, though, the front door is wide open to intruders.
  6. Password theft is constantly evolving as hackers employ methods like keylogging, phishing, and pharming.
  7. Cyber criminals do more than merely steal data. Often, they destroy data, change programs or services, or use servers to transmit propaganda, spam, or malicious code.
  8. Employees are already accustomed to authenticating themselves in their personal lives, as providers of online services like home banking, gaming, social media, and email have all adopted mobile-based tools to effectively authenticate their users when accessing their systems.

Security’s sanity-saver

Today’s IT administrators deal with pressures and demands from all sides, including the critical need for top-notch security. As cyber criminals morph their methods in ever-more clever and complex ways, admins must protect the network in such a way that access remains easy. Multi-factor authentication enables IT admins to rest a little easier, knowing that they have deployed a security strategy that protects the company’s platforms and users alike, thus reducing complexity while ensuring access and boosting the flexibility of remote workers.