Why You Need Multi-Factor Authentication (MFA)

Updated 11/10/2019

Cybersecurity

I was at my home office when I got a text that said, “Join me on Ring Central and download these two apps.” It was Eric, Principal Partner at Consilien and Head of Cyber Security at Consilien.

The first app I downloaded was Google Authenticator for Multi-Factor Authentication (MFA). In today’s hyper-hackable home and business environment, MFA is an inconvenient necessity. While on the call, I was advised to also enable it for Facebook and everywhere I visit on the internet, which I’ve done as well, and you should too.

Cybercrime, like home and office robberies, are crimes of opportunity. If you lock your doors when you leave home, then you need to take the same level of precaution at the office. I often tell my friends and colleagues that everyday someone is trying to break into your business. Don’t make it easy for them.

MFA, Why You Need It

Long gone are the days when security was asking for two passphrases like, “The name of your paternal grandfather” and “Your mother’s middle name.” Now, we need Multi-Factor Authentication which bases identification on at least two of three of the following factors:

  1. “Something you know” like a password or login.
  2. “Something you have” token based, like receiving an SMS on your phone.
  3. “Something you are” like your fingerprint or iris scan.

There are a variety of MFA’s on the market right now. There are ones that use hardware tokens that you carry around with you like RSA SecureID or Microsoft’s OATH tokens. The biggest downside to hardware tokens is that they can be expensive to implement.

There are mobile tokens which use a mobile app like Google Authenticator, Push-based authentication tokens which will carry an encrypted message that can be opened only by the specific app on the user's phone like Authy. Please note however, that pushed-based platforms must integrate into the service you are trying to protect and not all of them integrate with the apps that run your business. Then there are QR code-based tokens which work offline.

For added security we’re using WatchGuards cloud-based push-based authentication app called AuthPoint which adds even more security. This proves to be a great choice, because AuthPoint just won The CRN Tech Innovator Awards in the “Security – Network” category.

“AuthPoint goes far beyond traditional two-factor authentication (2FA) by incorporating highly sophisticated methods to ensure authentication messages are coming from legitimate mobile devices, and leverages a large ecosystem of 3rd party integrations so customers can use MFA to protect access to the network, VPNs and Cloud applications.” (citation)

Watch this video to learn more…

Here’s to keeping your business safe and profitable.