The risks of not having Multi-Factor Authentication
Blog|by Leanne Bevan|28 September 2022
October marks Cyber Security Awareness Month, and this year (2022), the theme is “See yourself in cyber”. There are four focus areas this year: multi-factor authentication, strong passwords, software updates, and protection against phishing.
This is the first in a series of blogs where we will look at each of the focus areas in more detail. Specifically, we will focus on the implications of not having such things in place.
First up is multi-factor authentication.
What is multi-factor authentication?
Multi-factor authentication (MFA) is a form of authentication that requires a user to provide two or more verification factors to gain access to a resource, such as an application, VPN, or online account. One factor is typically something you have, such as a mobile (where often a code is sent), and another is something you are, like a fingerprint to verify your identity. The last factor is a username or password.
What are the risks of not having multi-factor authentication in place?
Here are just some of the risks you’ll encounter if you do not have MFA in place:
Ease of hacking
Firstly, if you just access a workspace via a single password, regardless of how complex the password is, hackers have tools in place to hack and find out what that password is accessing all your data. And not only that, but they can also use your private information to their benefit to get access to other data and money, by pretending to be you. Scary right?
If hacked, cybercriminals could hold your data and apps for ransom. This could then be very costly, time-consuming and stressful to sort out.
IT peace of mind
For the IT team, using MFA and personal identification ensures they know it is definitely the right person accessing your company’s workspaces, data and applications. Providing peace of mind.
It’s also worth noting that multi-factor authentication is also a requirement for both Cyber Essentials and Cyber Insurance (there will be blogs on each of these in the coming weeks). Plus, compliance with various other data regulations. If you don’t have MFA in place, you’re not compliant.
Your company’s reputation can be at stake too if hacked. If customers see that you don’t take the necessary precautions, they may lose trust in your organisation and the safety of their information, and therefore move elsewhere. Losing your customer loyalty and income.
How can Grey Matter help?
We offer a number of multi-factor authentication solutions and have a dedicated cyber security expert who can discuss which option is best for budget and technical requirements. They can also explore the other ways you can protect your business’ data from all angles.
Fill in the form below to find out more and book a consultation with our cyber security expert.
Our next blog will focus on the importance of using strong passwords and password management tools.
Contact Grey Matter
If you have any questions or want some extra information, complete the form below and one of the team will be in touch ASAP. If you have a specific use case, please let us know and we'll help you find the right solution faster.
[ON-DEMAND WEBINAR] Microsoft Do More With Less: Explained
Mon 10 April 2023
This webinar is available to watch on-demand until 10 April 2023.
New UI enhancements in IntelliJ IDEA 2023.1
Find out what's new with JetBrains IntelliJ IDEA 2023.1.
[WEBINAR] Cyber Security Matters: Managed Detection Services
Tue 25 April 2023 3:00 pm - 4:00 pm BST
In this webinar, you will get an insight into what it would take from both an investment and operational point of view to create your own SOC and effectively how we have multiple offerings that can offer a better cost and a varying array of capabilities.
Acronis enhances security offerings with Intel® TDT technology
Acronis, a global leader in cyber protection, today announced the enhancement of its security defence against advanced fileless attacks using Intel® Threat Detection Technology (Intel® TDT) leveraging the Intel® integrated GPU to offload memory scanning operations from the CPU.