What’s the Deal with Multifactor Authentication?
By Ian Richardson, Founder, Doberman Technologies LLC
Multifactor Authentication (MFA) is a big deal these days. Malicious actors from nation states like Russia, active persistent threat (APT) actors supported by those nations, and organized crime are increasing their activity in the cybercrime field.
The target of that activity is changing from large enterprise into the small and mid-market businesses and organizations – Hackers want to stay out of the news and spotlight of American law enforcement. No one is immune, Microsoft itself was breached by Lassus$, an APT group famous for large targets and splashy releases of successful attacks just this month.
Multifactor Authentication is what I like to refer to as a “magic tool.” Security measures, both cyber and otherwise, are built off the concepts of layers. The famous analogy is an onion – you must keep peeling back layers to get to the core, or data/network. Build a big onion, people eventually give up in tears. Multifactor has a particular place in that strategy because it solves a very big problem by itself.
To make sure we’re all on the same page, lets define Multifactor Authentication.
Authentication is something we all deal with daily – Its simply the process an I.T. system, like your computer, email, or a website, performs to make sure you are who you say you are. The most common method is a username and password combination. These days, that’s most likely your email address (username) and whatever password you chose at the time your registered for the system.
Multifactor Authentication occurs when you have to provide a second piece of data (a phone sent to your code, your fingerprint, a PINcode on a pin pad) to access the system.
The secret to why Multifactor Authentication is so “good” in terms of security is it prevents the most common attack technique by malicious actors – credential compromise. Regardless of the method, if a hacker has your username and password to a system, they can waltz right in and do anything you can do. Multifactor Authentication adds in a second step. When the hacker tries to log into your email, or bank account, or company line of business product – they’re stopped by the need for a code or accepting the login on your cell phone.
Not only does this prevent the breach, but it also alerts you via the MFA tool that something has happened – common Multifactor Authentication tools will alert you to the location of the log in attempt, the day and time, and what system is trying to be accessed. For example, you might see: Log in as Ian Richardson, from Mexico, at 12PM EST on March 23rd attempting to access Microsoft Office365.
That alert allows you to deny the attempt, but you can take the further action of accessing the system yourself and changing the log in credentials. If you’re using that same password for other systems, make sure to change it there too – see our blog here on how you can avoid all of this extra work: https://doberman.net/password-managers-6-key-benefits.
The impact of this can’t be overstated – Microsoft has said that 99.9% of attacks on systems can be prevented by implementation of Multifactor Authentication (1). It’s not a silver bullet, those don’t exist, but it is a magic tool that has huge impact on your security posture. If your organization is thinking about adopting MFA, and want’s to know where to start, Doberman can help. Book some time with us here: https://doberman.net/contact-us to get the ball rolling.