With more and more companies establishing remote work strategies, it’s more important than ever for employees to use multi-factor authentication (MFA) or two-factor authentication (2FA) when accessing the company network. More than 80 percent of all hacking-related breaches leveraged weak, default or stolen passwords. The use of MFA adds a second layer of protection and has been proven to reduce unauthorized login to networks by nefarious individuals.
Logging into any network or web application requires a username and a password. But let’s face it, most people (maybe even you) don’t bother with complicated, hard-to-guess passwords because they are, well, difficult and hard to remember. Hackers have password-cracking tools that can test over a hundred million passwords per second! So if a hacker has your username and your password, he/she can waltz right into your network.
The bottom line is if you can log into an application over the internet, you should protect it with more than just a username and password. That’s where MFA comes in. There are different forms of MFA.
- SMS MFA is when a site sends your phone a text with a code to enter before granting access.
- Authenticator apps are also phone-based applications that generate a random, one-time-use code.
- Push-based MFA sends a prompt to one of your devices, either a mobile phone or desk phone, and you can either approve the login or deny it.
- Security keys are small physical devices that resemble flash drives and are inserted into your PC or laptop.
At MIS, we use a push notification application to log in to our Greenlight Cloud. It’s cloud-based and simple to use. When a team member enters his/her email and password, a notification is sent through their mobile app and he/she simply taps “Approve” or “Deny.” The whole process takes less than five seconds.
The primary goal of MFA is to reduce the risk of a data breach to your organization. It’s certainly worth five seconds of inconvenience to keep your company safe.
To learn more about how MFA can keep your company's data protected, contact us today.