4.2. Security Toolkit: Multi-Factor Authentication (MFA)
What Everyone Needs to Know
Multi-Factor Authentication (MFA) adds a second layer of security when logging into your account making it more difficult for cybercriminals to access your account. This means when logging in, you typically need to authenticate in two ways (e.g., password you know and a device or a code you have).
With this, cyber criminals will need more than just your password to access your account.
You can enable MFA for your own accounts, but your organization can also enable this extra protection for all people working at the office.
What IT Needs to Know
MFA is quickly becoming standard practice to secure your information and data, and more firms and insurers are requiring MFA.
Your organization should enable MFA on any individual applications that have the option. You could also consider enterprise MFA solutions across all of your systems and applications. If your organization is using various applications for core operation (e.g., email, case management, time tracking, etc.), third-party MFA tools can be configured to cover all of these various services and identities. Additionally, many of the technologies your organization is already using will have MFA solutions built in. For instance, Google and Office 365 already have an option to enable MFA for your users. When you add MFA to these core applications and identity providers, you can combine the protections of MFA with single sign-on configuration to make access easier for the user and easier to manage for administrators.
Some MFA solutions include adaptive authentication. Adaptive authentication is a type of MFA that can be configured and deployed in a way that the identity service provider (IDP) system will select the right multiple authentication factors depending on a user's risk profile and behavior.
Solutions to Consider
- "Multi-Factor Authentication (MFA): Implementation, Best Practices and Benefits" (Stealthlabs)
- "Multi-Factor Authentication Best Practices & Solutions" (eSecurity Planet)
- "Two-factor authentication: A cheat sheet" (TechRepublic)