Skip to content

Adopting MFA Series Part 1: What is MFA?

Wondering if you should bring Multi-factor Authentication (MFA) into your organization?  If you're on the fence and not sure how MFA improves account security, start here.

Hubspot Featured Images v3 (3)

 
What is Multi-Factor Authentication (MFA)?

MFA is a tool that adds an extra layer of protection to your business and personal accounts.  It can also be referred to as 2FA (2-factor authentication) in some spaces, but the idea is the same.

An account that has MFA enabled will prompt you for a special one-time code after you enter your password.  This extra step  helps keep unwanted actors out and can double as a warning if you password as been compromised.

 

What are Some Risks of Not Using MFA?

The unfortunate truth today is that online accounts can be compromised without you even knowing about it. This can make you an unsuspecting (and unwilling) conduit for spreading those nasty phishing emails across your organization.

Microsoft has also expressed concern for the ever-increasing complexity and cost related to cyber-security breaches.  For smaller businesses and not-for-profits, this could be fatal blow to the bank account.

After this article, I highly recommend taking a read through Argari's H1 2021 Email Fraud & Identity Deception Trends Report.  It's great insight into trends they are seeing in cyber-threats today.

 

What are the Benefits of Using MFA?

Quite simply, MFA helps reduce the risk of having your account compromised.  It may be a small step in your overall cyber-security plan, but it's a critical one.

For example, if you use an authentication app (more on those below), you will get a push-notification to your phone or email.   Sometimes you'll get a notification that simply asks you to authorize or deny access to your account, some apps require a code, and some require both.

 

Process map when you get a push notification from an Authentication app.  If you did not trigger the notification then your account is likely compromised and you should change your password.

 

If you weren't the person to trigger that notification, then that's a red flag.  Go and change your password and don't forget to notify your IT admin if you have one.

If you did not have MFA enabled on your account, you may not find out your account was compromised until it's too late.

 

What are Popular MFA Tools We Can Use?

The short list below are a few of our favorites.  Microsoft Authenticator and Google Authenticator can be used for both business and personal accounts, while Duo is mainly for business accounts.

  1. Microsoft Authenticator
  2. Duo Authenticator
  3. Google Authenticator

In the next article on this series, we'll talk about each of these three apps in more detail.  For now, we've established what MFA is and why it's an effective at protecting your accounts.

If you're interested in ramping up your organization's cyber-security, give us a call!

Ready to learn more?  Read the next article.