Multi-Factor Authentication (MFA) is something a lot of IT professionals know about but never want to bring up to their clients. MFA is the next step defense in your everyday battle in protecting your day to day operations. So let’s talk about it.
What is MFA?
Multi-Factor Authentication (MFA) is the security technique of using multiple methods of authentication to verify identity (i.e., password authentication combined with phone verification/password and third-party application verifiers such as Oauth or Microsoft authenticator). MFA is a step up from your common Two-Step Verification in that you can have multiple user authentications enforced via authentication policies.
Why is MFA so important?
Whether you’re in the cloud, on-prem, or hybrid, using MFA is an added step in protection into your infrastructure/data/operational compliances. A recent study shows that 83% of Americans don’t use strong passwords. (But we already knew that right?) How many times do you come across a user that’s using their birthday combined with their last name or phone numbers, or even social security numbers? You can implement dozens of different password policies, and users will come up with clever means of still using everyday life circumstances as their passwords. It must be human nature. MFA gives administrators another layer of peace of mind for those end-users who just have to find a million ways to still use their dog’s name!
What products offer MFA services?
With the rapid increase in cloud adoption in both SaaS/PaaS/IaaS space, Microsoft has welcomed MFA with open arms. They have gone as far as to grant their MFA services free of charge to any admin role in their Office365 and Azure platforms. You can even integrate Azure MFA with your local Active Directory. To learn more about Microsoft MFA, click here.
Another application that’s been used on-premise for years is Duo. Duo is an MFA platform that uses proxy policies for authentication logins. Duo will integrate with servers in the cloud as well, allowing administrators to integrate RDP sessions, for example, with MFA services. Though Duo does integrate with Azure AD services, additional Azure licensing is required. Click here for more info.
Amazon Web Services (AWS) offers MFA services at no additional cost. Click here to read more.
Wrap it up
The need for increased security protocols has been leading to this point for quite some time now, and we need to take advantage of every security measure we can, as our end-users are our first line of defense. Adoption of MFA should not be so stringent in today’s workforce, as the majority of users are, more than likely, using some form of MFA in their everyday lives and don’t even recognize it. It is up to us, as IT Professionals, to constantly stay abreast of the best technologies that can make our lives that much easier in the constant battle for protecting and enabling your data.