In today’s online world, we are seeing more and more attempts to compromise business email accounts and devices. One of the most common attacks we see is phishing, which we’ve written about in the past. One of the best ways to combat phishing attacks is Multi-Factor Authentication (MFA).
What’s the Problem?
Cybercriminals rely on human nature – trust, excitement, greed – to craft emails that will trick people into clicking malicious links. Not only that, but they usually write the email in such a way that the recipient feels an urgent need to click the link, whether it’s an important invoice, a prize won, or an opportunity for some quick cash. When the victim gets to an email login screen, then, they don’t think twice about entering their credentials – they need to get to what was promised in the email! But just like that, their email password has been compromised, and within minutes, the attacker could be causing all sorts of chaos, including sending malicious emails to others as the victim, stealing confidential or proprietary information from saved emails, rerouting the victim’s email to their own, and more.
MFA for Email
Unfortunately, these attacks are very common today, and not every employee is an expert at spotting them. One of the best ways to protect your business is to implement MFA for all employees’ email accounts.
How does it work?
When logging into email on a new device, the employee will enter their normal email address and password. They then get a second prompt – usually to enter a code from an app or a text, or to accept a phone call and press a certain button to approve the login attempt. This makes it so that even if an employee accidentally gives up their credentials, the attacker still needs the second layer of authentication, typically a code that they have no way of knowing. Adding this extra layer of protection helps prevent innocent mistakes from turning into disasters.
MFA for Windows
A newer product being considered and implemented by more businesses is MFA for Windows. This uses a third-party service to require a second layer of authentication when logging into a Windows PC. It works very similarly to MFA for email: the user gets a code or answers a phone prompt to approve the login. MFA for Windows may not be the best solution for every business, but businesses whose employees handle sensitive information, such as financial data, on their PCs daily may want to consider this added layer of protection. This helps prevent data compromise both from remote attacks and in the event of unauthorized physical device access.
There is no sign of cybercriminals slowing down their attacks, and they get cleverer by the day. Implementing a solid second layer of authentication through MFA helps ensure company networks, emails, and devices stay secure. Many banks and other institutions are already requiring this for online accounts, so it’s common that employees will already have some familiarity with the process in their personal lives, making it relatively painless to implement. If your business is considering MFA and would like to know more, Contact Us at today.