As our article last week mentioned, it’s Cybersecurity Awareness Month! To celebrate, we will talk about various cybersecurity awareness topics during the month of October. This week is all about multi-factor authentication (MFA)--What is it? Why does it matter? Do I seriously need to use it? Let's get right into it.
Some Basics
Multi-factor authentication (also known as MFA, two-factor authentication, 2FA) is the process of using various (typically two) methods to verify a user's identity and allow them access to a system or application. There are three categories of authentication:
- Something you know - passwords, PIN numbers, security questions
- Something you have - physical devices such as your smartphone, a security token, or a card
- Something you are - biometric traits such as your fingerprint, your face, or your eyes
To perform MFA, you combine a username and password (something you know) with one or more of the items from the other two categories (something you have, something you are). This process makes it harder for someone to gain unauthorized access, since they likely won’t have easy access to something you have, or something you are.
By using MFA you are enhancing your security and decreasing the risk of someone gaining unauthorized access to your information. Microsoft found that by requiring MFA, there is a 99% reduction in the risk of compromise. We already know that the cost of a data breach can be detrimental to an organization with the average being $4.4 million. While the cost of MFA is also substantial, it is less than a data breach at about $3-5 per month per user for a method such as DUO or Okta (and don’t forget about the effect data breaches can have on your organization's reputation).
Our technological world is continuously advancing, meaning hackers are advancing alongside, and our practices for protecting information need to follow this trend. Implementing MFA at your organization is essential and should no longer be ignored. Don’t let the spooky season extend past our weekend pumpkin spice, trips to the pumpkin patch, and crisp air. Protect your data, use MFA, and engage with the spooky season the right way.