Multi-factor Authentication Is Now Essential for Staying Protected

You are here

hands on a keyboard

Keeping your business secure from a growing array of complex threats has become a tall task for any security team to achieve. Yet, we still see many organisations ignoring the most glaring weaknesses in their security posture.

Passwords are still a common security factor, but on their own they’ve become a liability. We know that 81% of data breaches involve compromised passwords or credentials according to Verizon’s 2020 Data Breach Investigations Report.

Where a secret password was once the height of spy-level security, these days they’re relatively simple for a motivated attacker to subvert. Particularly when Virginia Tech research has found that more than half of us tend to reuse the same password due to password fatigue.

Given the relative ease with which attackers can either steal, guess or reset password, we need to assume that every password is now compromised on its own. As we discussed in a previous article (link to Essential 8 article), the Australian Government has now recommended organisations begin implementing multi-factor authentication as a vital part of their cyber security strategy.

Multi-factor is the bare minimum in digital authentication

According to the Australian Cyber Security Centre, multi-factor authentication is defined as  - using two or more authentication factors to authenticate a single claimant to a single authentication verifier. These authentication factors could be two or more of:

  • something you know such as a PIN or password
  • something you have such as a physical token or smartcard
  • something you are such as a fingerprint or iris scan

To begin neutralising the risks of compromised passwords, multi-factor authentication is now the bare minimum for any form of web security. Even if a password is compromised, without approval at the second factor, a password alone is useless, and the intruder cannot gain access.

Bringing a multi-factor authentication solution into your business requires careful consideration of your technology environment and the unique security requirements of your applications and data. We suggest evaluating potential solutions by considering the following factors:

  • Security capability – Does the solution protect against real threats and tangibly reduce the risk of a data breach?
  • Strategic compatibility – Will the solution integrate with your strategic initiatives and meet you compliance requirements?
  • Immediate scalability – How quickly can you get the solution up and running, and scaled across cloud and on-premises environments?
  • Ongoing visibility – Can your solution offer insights into user and device access of apps and data?

As a first line of defence, Area9 reccomends Cisco's Duo multi-factor authentication – an industry-leading cloud-based solution that’s been engineered to provide a simple, streamlined login experience for every user and application, while integrating easily with your existing technology.

Area9 has an experienced team of experts who can help you improve your business IT security with a set of services to address each customers specific requirment. Our experience across both enterprise and government enables us to provide best-practice solutions for:

  • Multi-factor authentication
  • Network security
  • Next-generation firewalls
  • IDS/IPS Systems
  • Endpoint security
  • IT security management

Get in touch with us today to begin securing your business against a growing threat landscape.

Contact Us

Share