Remote working has been the reality for thousands of companies around the world and, since January 18, 2021, also for Swiss companies. The security of company data has become the top priority, as the data inevitably ends up in the employees’ private areas. There are some efficient methods to improve data security, but multi-factor authentication (MFA) stands out as the ONE that can repel 99% of all cyber-attacks in your company.
This is what the current threat landscape looks like
Today, sign-in still works the same as it has for a long time: to access the data, you need a username and password. No other options. As numerous studies and companies’ painful experiences of cyber-attacks show, the password is not enough – no, BARELY enough to secure an employee’s account and the company’s data. No matter how well-thought-out and complicated it may seem to its owner, it is always relatively easy for hackers to crack it. There are more and more sophisticated aids and tools that cyber criminals use to try out possible passwords. With more than 2200 attacks being carried out every day, the chance that your company is also being targeted by hackers is greater than you think.
We all know how the attackers are doing their dirty work, don’t we? The hackers get into the company network and spread/prepare attacks at their leisure. These attacks can paralyze entire companies and that’s the cyber attackers’ goal – to destabilize the company and get access to valuable data in order to get money for the stolen information or just to do it because they CAN. Both options are dreadful for businesses to think about.
As the cyber-attacks on Swiss companies such as Amag, Bouygues, Crealogix, and Meier-Tobler show, being cyber-attacked is a harsh experience for every company. However, it is important to know that attacks can do even more dramatic damage: the Swisswindows example shows that cyber-attacks are responsible for the ruin of the company.
Understand MFA within just 1 minute
Knowing your enemy is important, but even more important is knowing how to protect yourself. As the Microsoft study shows, 99% of cyber-attacks can be successfully repelled by introducing multi-factor authentication (MFA). Are you not familiar with MFA? Wait, sure you are! We all know multi-factor authentication from online banking. The data in our bank account is protected by a second factor, and we see it as a security number, SMS, QR code, or similar. However, when logging on to the PC, many skip this little extra effort, even though it would significantly improve the security of the data. You can reduce this additional effort to a minimum thanks to conditional access where the second factor is only required if you log on outside the company network, for example.
The security of company data is important to every CEO. That’s why Peter Hunziker, the CEO at Hunziker Betatech AG, decided to implement MFA. He states that “With the company-wide MFA introduction, we have taken an important step towards more cybersecurity.” Thanks to the multi-factor authentication, the employees at Hunziker Betatech AG can securely log in and safely work worldwide while MFA comprehensively protects the company’s IT infrastructure against unauthorized access.
There are obviously enough MFA solutions on the market, since multi-factor authentication has been a buzz topic in the cyber security market for some time already. One of the biggest IT companies, Microsoft, also has something to offer to those who consider adding an extra layer of security to their companies. Microsoft has its Authenticator app to carry out the authentication easily via smartphone or another mobile device, e.g., a smartwatch. But does the authentication process become as easy as Microsoft assures us?
Choosing an MFA solution is already half the battle
Although Microsoft’s multi-factor authentication solution offers some advantages, e.g., one identity/one account for all applications, there is always room for reasonable doubt. The most important question for both the CEO and the employees is whether the solution is really easy to set up. There’s probably no perfect solution to meet all your MFA needs, so you’ll need to go for one that covers most of them.
Since everyone in the company will be dealing with MFA, user experience plays an important role in choosing the right solution. There are a decent number of stories on the Internet that report employees facing multiple issues when using MFA from Microsoft. For example:
● Some Microsoft applications, such as Microsoft Teams, are not working (properly) on certain Windows machines after enabling MFA.
● There are issues logging into MS Teams and Outlook.
● Microsoft MFA calls, which are used, among other things, for VPN dial-up, no longer arrive.
The Microsoft MFA solution is a strong competitor for many players in the cybersecurity market. It promises to help you safely sign into your Microsoft accounts by using two-factor verification. Hence, accessing your accounts becomes secure…and easy? Two-factor verification is an additional security step that helps protect your account by making it harder for attackers to break in but, apparently, also harder for users to benefit fully and comfortably from Microsoft multi-factor authentication on any device.
As Microsoft states on their website, “You can use the Microsoft Authenticator app in multiple ways, including providing sign-in without requiring a password, using your username and your mobile device with your fingerprint, face, or PIN.” But wait! “This phone sign-in method only works with your Microsoft work or school and personal Microsoft accounts. Your non-Microsoft accounts require you to use the standard two-factor verification process.” This fact might not loudly point to a flaw in Microsoft MFA; nevertheless, in the era of mobile devices it may create discomfort for some employees who rely on their mobile devices as an additional work tool and use non-Microsoft accounts.
Of course, you as a user can add non-Microsoft accounts to the Microsoft Authenticator app, but it relates only to nonmobile devices, e.g., table PC. It seems like the Microsoft Authenticator app is bound to web services from Microsoft, while there are some solutions on the cybersecurity market that offer a wider compatibility horizon. For instance, NetIQ Advanced Authentication provides a smartphone method that lets users easily authenticate through their smartphone. The authentication happens through the NetIQ smartphone app, which performs out-of-band authentication. Moreover, the NetIQ Authenticator with the NetIQ Access Manager makes a powerful combo, as Access Manager has almost limitless options for integration, which also includes Azure AD.
The NetIQ Advanced Authentication Framework extends the basic multi-factor authentication options of Azure AD with the ability to leverage a variety of other authentication types. You can also control access to your entire mix of on-premises and cloud services, regardless of whether they run in your Azure environment.
As mentioned above, choosing the right solution is half of the success in implementing multi-factor authentication in your company. The other half is a smooth user experience, because the company is all about the employees, and security is all about protecting employees’ data. It is extremely important to start your multi-factor authentication journey with the right tool to get the most out of MFA for your organization – repel 99% of all cyber-attacks in your company.
💡 Sources:
Baggenstos “Wie Sie mit MFA 99% aller Cyberangriffe abwehren”
Microsoft “One simple action you can take to prevent 99.9% of attacks on your accounts”
Microsoft Tech Community. Identity & Authentication issues
Microsoft Support. Accounts sign-in. Microsoft Authenticator app.
Microsoft Support. Adding non-Microsoft accounts to the Authenticator app.