The Importance of Multi-Factor Authentication for Business Email

One of the world's largest and oldest insurance companies, Lloyds of London, publishes an annual study ranking the greatest risks in each global city by GDP exposure. These risks range from interstate conflict to hurricanes to market crashes. In recent years, man-made risks have become a greater threat to economic output than natural disasters (59% of GDP risk). Cyber-attacks are rapidly contributing to the increase of the man-made risk exposure.

2017 marked an unprecedented year in cyber-attacks. Infosecurity Group estimates the number of cyber-attacks last year exceeded 160,000 instances. As our world becomes increasingly digitized and businesses become more reliant on the cloud, we inherently open ourselves up to more cyber vulnerabilities. However, there are some relatively simple ways to mitigate these risks.

A cost effective method to reduce the risk of a cyber-attack for both enterprise and personal computing is multi-factor authentication. This is especially salient for employees accessing company data remotely. According to IBM, a staggering 63% of data breaches occur due to weak, default or stolen passwords. With multi-factor authentication, businesses can still insulate their data even if bad actors obtain user credentials. Multi-factor authentication is one of the most effective ways to prevent unauthorized data access. Knowing precisely who your users are and what they have access to has never been more important.

What Is Multi-Factor Authentication 

Multi-factor authentication (MFA) is a security system that requires inputs from separate categories of credentials. For example, all email accounts require a user name and password. This is the most common form of authentication. Businesses are increasingly adding another step with the help of authenticator applications creating true MFA security measures.

An Authenticator

An authenticator app is a software token that implements algorithms to generate a one-time, temporary password. The user downloads the application to their mobile device and is prompted when logging in for the temporary password. Upon opening the app, the user will see the name of the system i.e. "ABC Corp" and six numbers which make up the temporary password. After about 20 seconds, the six digits regenerate. Without direct access to the mobile device, hackers can’t gain access to the associated account.

Other Examples of MFA 

We utilize MFA routinely in many facets of our lives outside of work. For example, entering a PIN number at an ATM in addition to inserting your bankcard is MFA. Some authentication techniques involve sending a randomized number via email or text message in addition to password input. However, this method can prove less secure since hackers can intercept text messages if they have access to the designated phone number. The most secure method for temporary passwords is through an authentication app. MFA can also involve biometric authentication such as a fingerprint scan.

With the pervasiveness of cyber-attacks, passwords can no longer remain the sole layer of protection for organizations and their email accounts. While the approach to cyber security is complex on aggregate, implementing MFA can quickly and significantly decrease the risk of data breaches via compromised passwords with little associated costs.

To learn more about Two-Factor Authentication and how it can protect your business, give us a call at
410-884-0225.