Is your organization discussing enabling MFA? What are you waiting for? Usually when an organization is at the point of considering MFA, it is already too late. At least one email account has been compromised, or a hacker has attempted to gain access to one of your organization’s accounts, bringing the issue to their attention. Let’s hope you are not in that situation, and this is a proactive move.
Why MFA Matters
When we think of how MFA protects us, we need to look at this as a very simple and proactive solution where we back up our passwords with another layer of security. Unless someone has access to your MFA device, the password no longer matters, and they cannot proceed to the account. Plus, an additional benefit is that the device will alert you of the request for access. Multi-Factor Authentication may be the simplest and strongest tool in our arsenal that can help protect us from today’s hackers and those other nefarious individuals. A non-technical way to think about this is, our home is protected with a standard lock. We lock the door for safety, which prevents most individuals from trying to get in, but if we want an extra layer of security we also install an alarm that is paired with a unique code. Now, even though someone may get into our house, they will set off an alarm for which they do not have a code. If this occurs, you (and all your neighbors, possibly even the police) will definitely be notified. So it is with MFA – an extra layer to help stop bad actors from accessing your corporate accounts.
Most of Us Already Use MFA on Personal Accounts
Multi-Factor authentication is a way for our software platforms or other service providers (i.e. banks) to add that additional layer of security that identifies the actual account owner. More than likely we have all been introduced to multi-factor authentication at one time or another. MFA has been an integral part of cybersecurity due to the fact that all it takes is that one opening for someone to gain access to an account of ours and steal sensitive or financial information, that is why it is imperative to enable MFA. All our accounts that hold valuable information should have some sort of additional layer of security. At the very least the request we receive can show us when an attempt is made from an unrecognized location. Typically, by default MFA is not enabled. But how do we go about enabling when applicable?
How to Enable MFA in Your Microsoft 365 Accounts
Our corporate, business or government email accounts have become the lifeline of our organizations. Microsoft 365, Microsoft’s premier platform has become one of the largest email providers globally. Luckily, Microsoft has made things easy for us and deploying MFA can be done with ease. In the Microsoft Portal, the Enable Microsoft Azure Multi-Factor Authentication tab is all we need. From that page we can create a conditional policy to a group of users, we can also deploy users one at a time or all in one sweep. We can then work with the individual users to get them set up. On the user side, we have many different options, such as downloading Microsoft’s Authenticator app on our phones, getting a text, or even calling an office phone for the users who do not want to add anything work related to their personal devices.
Walking Your Team Through the Process
I have helped set up a number of clients with MFA. Typically, I like to enable a user or a group and walk them through setting up their accounts. They log into their account, select their preferred method, and test. You can think about what works best for your organization, but it’s always a good idea to get end users involved in understanding how their security and access control works. The more users are invested in helping to protect corporate assets, the more cognizant they become of potential threats.
Preventing Future Unauthorized Access
Once MFA is enforced for the organization, you can rest easy knowing you have a reliable method to prevent rogue access to company data. To be sure, this won’t stop attackers from trying, but you will be in a better position. Phishing attempts are delivered daily to most people’s mailboxes, and occasionally a user is going to slip up, mistakenly giving access to an attacker. However, when the bad actor goes to log in, they will be met with the MFA alert, which they will not be able to get past without having the user’s actual device and access to any codes protecting it.
In closing, whether you are the IT leader for your organization or the company President, the next project on your list should be enabling MFA if it has not been done already. Why are you still here?
Request a consultation with one of our experts to see how TRUE can help.