4.2. Security Toolkit: Multi-Factor Authentication (MFA)

What Everyone Needs to Know

Multi-Factor Authentication (MFA) adds a second layer of security when logging into your account making it more difficult for cybercriminals to access your account. This means when logging in, you typically need to authenticate in two ways (e.g., password you know and a device or a code you have).


With this, cyber criminals will need more than just your password to access your account.


You can enable MFA for your own accounts, but your organization can also enable this extra protection for all people working at the office.

What IT Needs to Know

MFA is quickly becoming standard practice to secure your information and data, and more firms and insurers are requiring MFA.


Your organization should enable MFA on any individual applications that have the option. You could also consider enterprise MFA solutions across all of your systems and applications. If your organization is using various applications for core operation (e.g., email, case management, time tracking, etc.), third-party MFA tools can be configured to cover all of these various services and identities. Additionally, many of the technologies your organization is already using will have MFA solutions built in. For instance, Google and Office 365 already have an option to enable MFA for your users. When you add MFA to these core applications and identity providers, you can combine the protections of MFA with single sign-on configuration to make access easier for the user and easier to manage for administrators.


Some MFA solutions include adaptive authentication. Adaptive authentication is a type of MFA that can be configured and deployed in a way that the identity service provider (IDP) system will select the right multiple authentication factors depending on a user's risk profile and behavior.

Solutions to Consider

Other Resources

Last updated on .

Table of Contents


    News & publications

    The news about recent activities for needed peoples.

    More News

    22 Mar 2023

    RFQ: California Indian Legal Services Technology Assessment

    California Indian Legal Services (“CILS”) is inviting quotes for a consulting…

    Continue Reading

    22 Mar 2023

    RFP: Technology Assessment and Security Audit

    The Center for Arkansas Legal Services (CALS) is seeking professional…

    Continue Reading

    Our Partners