You may have heard the term Multi-Factor authentication (or MFA). Even if you haven’t, it’s likely that you are using it today with one or more of your online accounts. When your online banking and credit card applications require you to receive a one-time authorization code via text message and then plug it into the app after you log in – that’s one type of multi-factor authentication (MFA). When your online app asks your phone app to authenticate you, via thumbprint or a “is this you” prompt, that’s MFA. And while Multi-Factor authentication is a minor interruption for the user, it allows your financial institutions to make sure it’s really you logging on—giving you peace of mind that a cybercriminal who might have gotten your login credentials can’t get in and take your money.
Multi-Factor authentication is also an important consideration for the applications your business uses, particularly those that contain sensitive information you want to keep out of the wrong hands. For any applications subject to privacy regulations, you might even be required to implement Multi-Factor authentication.
And MFA simply just makes good business sense. It shows you’re serious about protecting information belonging to your customers, business partners and employees—as well as the intellectual property of your company.
Implementing MFA for Office 365 users, the path is simple. If you already have a Microsoft Office 365 account, you should be turning on MFA, it’s free! But that won’t be enough, as it only covers Microsoft Apps, you need MFA for all your business apps.
Fortunately, Microsoft offers several tools that many PulseOne customers rely on for non-Microsoft applications:
For your applications running in the cloud, another Microsoft Multi-Factor authentication tool to consider is Azure AD Conditional Access. With this tool, you can configure and fine-tune your access policies with contextual factors such as user, device, location, and time of day information. This makes it easier and more efficient to control what specific users can access and how and when they have access.
Key capabilities include aggregating signals across users, devices, app sensitivity, and sessions. You also get real-time and calculated risk detections so you can make informed decisions on who to block and who to let in. You can also verify every access attempt and apply controls. If necessary, you can use granular policies to move beyond simple access-and-block decisions to support end-user productivity and strengthen security.
Ultimately, the key to securing your user and customer accounts—as well as the applications and data those accounts are connected to—comes down to striking a delicate balance. Yes, you want to create a strong security posture around your digital assets and sensitive information; but you also want to make it easy for users to access the information they need to do their jobs, and even more importantly, for customers to do business with you.
Multi-Factor Authentication is a great way to achieve this balance. Users and customers can still log into your systems quickly while you enjoy the peace of mind that they are not a cybercriminal pretending to be someone they are not!
For more information on how to build a stronger security posture for your business by using Multi-Factor Authentication tools from Microsoft, contact us today!