Understanding the importance of Multi-factor Authentication (MFA): Cyber Security Awareness Month 202122nd October 2021
As we move into the final week of Cyber Security Awareness Month 2021, we’re taking a closer look at Multi-factor Authentication (MFA), the cyber security benefits that it offers and why businesses should be using this tried and tested technology.
We’ve talked extensively this month about the growing threat that cyber risks pose, not just to large multi-national corporations, but for small to medium UK businesses also. With ransomware attacks, phishing, and data breaches rapidly on the rise, protecting against these common but potentially crippling threats should be front of mind for businesses of all shapes and sizes. In order to best protect against cyber-attacks, it’s important to understand where these threats stem from and the underlying weaknesses in the system.
Over the last 10 years, the internet and its capabilities have improved substantially with many modern businesses now able to run complex applications over the internet as a result of faster speed and processing power. A large number of organisations now use online applications to work cohesively, with business and personal data being processed by these apps and stored by third parties on the cloud. This modern method of utilising cloud technology is a flexible and cost-effective way of working and has been widely adopted by many organisations.
The rise in remote working over the last 18 months has only accelerated the move to the cloud. In fact we’re now seeing smaller and more traditional businesses, with physical premises, also using this technology to allow staff easier access to their networks. While this shift has been undeniably beneficial to many businesses, it has also resulted in an increased risk to business resilience.
One of the benefits that cloud applications offer is functionality across multiple accounts, meaning that a single login can be used to access emails, word documents and much more. While this does allow staff to navigate multiple applications quickly and easily, it also presents a critical risk to cyber security.
In these instances, if a cyber-criminal is able to successfully learn the credentials of an authorised user and log in – they will typically have access to multiple systems. Once inside, criminals can steal data, intercept payments, extort businesses and more. The only thing preventing attackers from gaining access is passwords, which nowadays aren’t difficult for criminals to learn – using advanced technology and scams.
Multi-Factor Authentication (MFA)
As online banking services first started to appear in the late 1990’s, banks initially used passwords and codes to protect their customer’s accounts. Within a few years the limitations of these security systems were soon realised, with banks introducing One Time generated codes instead. Today this technology is used by all banks, because of the enhanced protection it provides.
Thankfully MFA technology is not just restricted to online banking but can be implemented across cloud applications so that businesses can increase access control. When attempting a login with MFA technology enabled, users will be sent a One Time code which can be used to successfully verify their login is genuine.
Speaking on the subject of MFA, our Cyber and Financial Lines Underwriting Manager, Matt Drinkwater said:
“It no longer matters what business you’re in, passwords are simply not enough in today’s world. Ensure your business is protected with Multi-Factor Authentication technology.”
With passwords no longer an adequate defence against cyber criminals in isolation, it’s vital that businesses use MFA to make sure their networks are resilient, not only defend against cyber-attacks, but ensure businesses are protected in case the worst happens. You can read more on De-mystifying Multi-Factor Authentication from STORM Guidance.
Our CyberSafe insurance offers a simple, robust solution for cyber liabilities, cybercrime and includes restorative support from ReSecure.
For more information about CyberSafe Insurance or our e-trade solution, contact your NMU Development underwriter or our cyber team;