The risks of not having Multi-Factor Authentication
Blog|by Leanne Bevan|28 September 2022
October marks Cyber Security Awareness Month, and this year (2022), the theme is “See yourself in cyber”. There are four focus areas this year: multi-factor authentication, strong passwords, software updates, and protection against phishing.
This is the first in a series of blogs where we will look at each of the focus areas in more detail. Specifically, we will focus on the implications of not having such things in place.
First up is multi-factor authentication.
What is multi-factor authentication?
Multi-factor authentication (MFA) is a form of authentication that requires a user to provide two or more verification factors to gain access to a resource, such as an application, VPN, or online account. One factor is typically something you have, such as a mobile (where often a code is sent), and another is something you are, like a fingerprint to verify your identity. The last factor is a username or password.
What are the risks of not having multi-factor authentication in place?
Here are just some of the risks you’ll encounter if you do not have MFA in place:
Ease of hacking
Firstly, if you just access a workspace via a single password, regardless of how complex the password is, hackers have tools in place to hack and find out what that password is accessing all your data. And not only that, but they can also use your private information to their benefit to get access to other data and money, by pretending to be you. Scary right?
If hacked, cybercriminals could hold your data and apps for ransom. This could then be very costly, time-consuming and stressful to sort out.
IT peace of mind
For the IT team, using MFA and personal identification ensures they know it is definitely the right person accessing your company’s workspaces, data and applications. Providing peace of mind.
It’s also worth noting that multi-factor authentication is also a requirement for both Cyber Essentials and Cyber Insurance (there will be blogs on each of these in the coming weeks). Plus, compliance with various other data regulations. If you don’t have MFA in place, you’re not compliant.
Your company’s reputation can be at stake too if hacked. If customers see that you don’t take the necessary precautions, they may lose trust in your organisation and the safety of their information, and therefore move elsewhere. Losing your customer loyalty and income.
How can Grey Matter help?
We offer a number of multi-factor authentication solutions and have a dedicated cyber security expert who can discuss which option is best for budget and technical requirements. They can also explore the other ways you can protect your business’ data from all angles.
Fill in the form below to find out more and book a consultation with our cyber security expert.
Our next blog will focus on the importance of using strong passwords and password management tools.
Contact Grey Matter
If you have any questions or want some extra information, complete the form below and one of the team will be in touch ASAP. If you have a specific use case, please let us know and we'll help you find the right solution faster.
Twice a year ESET collates its threat research to bring you an overview of the key trends and findings. Businesses can use this to gain insight into the cyber security landscape, and use it help identify areas that need further...
Thu 14 September 2023 3:30 pm - 5:00 pm BST
Our Azure Solution Specialist covers modernising existing applications and building new apps in a cloud native way
Tue 26 September 2023 8:50 am - 8:00 pm BST
A free .NET community event Join JetBrains on 26 September 2023 for this free annual online event for .NET developers. Ten amazing community speakers will share what they’re passionate about in the .NET world. Topics include C#, F#, Blazor, Avalonia,...
Wed 27 September 2023 3:00 pm - 4:00 pm BST
In this session with Secure Impact, we’ll run through several common industry myths around penetration testing, and discuss best practices.