Much has been publicised in 2023 about increasing cyber attacks on Australian businesses. Data shows that the number of attacks has increased by 30%. Amongst the conversation, businesses have been urged to adopt Multi-Factor Authentication (MFA). Whilst most people have generally been exposed to this in some form, many remain unclear as to the true purpose & meaning.
Multi-factor Authentication (MFA) is an authentication method in which a user is granted access to a system only after successfully presenting two or more pieces of evidence to an authentication mechanism.
Why does your business need to use MFA?
The main target of hackers is generally the weakest points in your system. Commonly these are the passwords we use to access our devices where our most important company and personal information is stored. No matter how great you believe your password is, bad actors have many methods to obtain your credentials to find a way in. Some of the methods they use are:
- Phishing & Spear Phishing
- Keyloggers
- Credential stuffing
- Brute force & reverse brute force
- Man-in-the-middle (MITM)
In 2017 it was reported that 81% of hacking-related breaches involved weak or stolen credentials. Since then, businesses have adopted more and more cloud services creating even more sources for criminals to obtain your identity. With more staff than ever working from home on vulnerable networks the risk of breach has never been higher. Having a second factor of authentication such as using an MFA application on a physical device like your smartphone can stop these breaches and protect you and your organization even if your credentials are compromised.
MFA prevents those other than the approved user from being able to access systems like your email, financial systems, corporate data and more while also alerting your IT administrators of the potential attempts to breach your systems.
How does MFA work?
MFA has 3 core standards referred to as the Gold Standard. The recommendation is to implement 2 or more of these standards to be compliant. These are:
Something you know: This is your username and password
Something you are: These are Bio Metrics such as a fingerprint scanner and/or face scanner like how we access our mobile phones today. You can even use your location via GPS tracking, although some consider this the 4th method of MFA.
Something you have: This could be your mobile phone where you use an Authentication application, a card like a bank card or access card or a physical key like a USB stick or fob.
The Reality
Cybercrime will cost the business community more than $6 trillion USD annually by 2024 according to predictions. Shockingly, this number has already doubled in the last few years.
Forbes reported back in 2018 that 58% of cyber attack victims were small businesses with fewer than 250 employees.
The victims are not only the organisation, but the targets of these bad actors are information about your identity and that of your employees. Gaining your identity means gaining access and control of your organisation.
Introducing MFA to your organisation is simple and easy to do. If done correctly it’s as simple as opening an app on your smartphone. This small change however will make all the difference in the world to your protection against Cyber-attacks.
If you’re not currently using MFA or have security concerns about your data, contact us today.
Our seasoned experts assess your digital vulnerabilities and implement tailor-made strategies to improve your cyber security posture. From threat assessments and risk management to advanced security measures, we assist in building and maintaining resilience against evolving cyber threats. By combining proactive consulting with robust technological solutions, we provide a comprehensive approach to safeguarding your digital assets.
