The #1 Security Solution that Costs You Nothing: Multi-Factor Authentication
We have all seen and heard the warnings about the ever increasing number of cyber attacks against small business. More than crypto-ware, small and midsize businesses are targets of other forms for ransomware, impersonation, crypto-mining, and business email compromise attacks. The threats are real, as are the operational and financial risks to your business. Multi-Factor Authentication, or MFA, is an effective, “no cost” solution.
Along with the warnings, you are likely, almost certain, to receive pitches, promos, and offers for a never-ending array of security tools and services. Like other small and midsize businesses, you lack the bottomless budget. You cannot do it all; you need to prioritize your spending on security products and services with the biggest bang for the buck. “No Cost” solutions are, of course, the best option when they work.
Protect versus Prevent With Free Multi-Factor Authentication
Some security solutions protect your and your systems, other prevent access and actions. The difference is important.
Protection solutions help stop attacks from happening. Services like advanced threat protection and next-gen endpoint protection stop phishing, infecting attachments, and dangerous link attacks by blocking the attack from reaching you or your team.
Prevention solutions stop attackers from successfully accessing your systems and data. These solutions work after a cyber-attacker has figured out, or purchased, your identity.
In reality, you need both types of solutions. Protection solutions provide the broad shield against targeted and broad scale attacks. Since no protection is perfect, prevention solutions stop the attackers before they can get in and do damage.
“No Cost” Prevention: MFA
The good news is that you can deploy the most effective prevention solution, Multi-Factor Authentication, at “no cost.” We put “no cost” in quotes because, while the basic solution is free, you will need to spend some time setting it up and educating your team.
Multi-Factor Authentication is an authentication method that requires the user to provide two or more verification factors to gain access or entry to a system, application, or other online account or resource. Most of the applications and systems you use, including Google Workspace and Microsoft 365, include MFA as security feature and option.
These integrated MFA services often provide the second level of verification via SMS message, single-use link, and/or an authenticator app on your smart phone. In general, using an authenticator app is considered more secure than SMS message or single-use link.
As reported by Microsoft in 2019, MFA can block more than 99.9% of account compromise attacks. If a cyber attacker has your username and password, MFA is the best way to prevent them from getting in and doing harm.
Overcoming Objections with a Free MFA
When putting MFA in place, you may get some pushback or hesitation from your team.
- MFA does add extra steps when logging in, an inconvenience for your team.
- As you likely run several apps and systems, your team will need to setup multiple entries in one, or more, authenticator apps.
- Your team may need to create and save “backup access codes” in case of system or access issues.
While your team may object to the inconvenience, the added effort is reasonable given the level of prevention.
You Can Do More with a Free Multi-Factor Solution
If the number of accounts, passwords, and MFA services is too much, you have options. While they come with a price tag, single sign-on (SSO) and identity and access management (IAM) services can minimize the inconvenience. Most small and midsize businesses do not see the value given the cost, but it remains an option.
We Can Help
Configuring and managing MFA is part of our Basic, Business, and Premium Managed Cloud Services. We can also help you put MFA in place for your current IT services. For more information, click here to schedule a call with a Cloud Advisor or send us an email.
About the Author
Allen Falcon is the co-founder and CEO of Cumulus Global. Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.