There is no such thing as completely bulletproof security. Every software has vulnerabilities. However, there is one security tool that has been found to block 99% of hacker attempts.
If you are not already using multi-factor authentication with your Office 365 subscription, it is a vital security piece to add.
Considering there are over 300 million fraudulent sign-in attempts every day and that the average cost of a small business breach is now $120k, it just makes sense to pay for MFA now--rather than paying for a breach later.
How Does MFA Prevent Attacks?
Multi-factor authentication works as an extra layer of security because it requires more information from the user attempting to log-in. These credentials could come in the form of a code sent only to the real user's phone and required to access their account.
Even if a hacker obtains your password, if they don't know what type of authentication is required for access AND have access to the personal device being sent that authentication--they won't be able to get in.
This is why MFA works best when another device is used to complete the process. For example: If Suzy wants to login to her laptop, she not only needs her password (which may be compromised) but the unique code sent to her phone via an authentication app.
Unless a criminal has Suzy's phone in their possession, the password alone won't be enough to breach her account.
What Types of Attacks Does MFA Combat?
MFA can help prevent many of the attacks hackers use, including:
1. Keylogging--a hacker is able (usually through phishing emails) to install a virus that captures every keystroke on a user's computer--including the typing of usernames and passwords.
2. Credential stuffing--the hacker obtains personal information (like a username and password) from a user and then uses that to try logging into many different sites and apps. This often works because users often repeat passwords across multiple accounts.
3. Brute force--a hacker writes a script that can generate thousands of username and password combinations every minute, trying each of them to login to the users account until a successful one is found.
4. Man-in-the-middle--a hacker uses a program to gain access to the information being passed between a user and an app (such as public Wi-Fi) to intercept personal information such as login info.
In each one of these attack types, the hacker obtained usernames, passwords, and other personal information that would make impersonating the user easy. However, if MFA was installed, the hacker would be denied access to the user's accounts unless they also provided the extra authentication code or approval-which is usually generated on a separate device and refreshed for each login attempt.
MFA is not foolproof, using a phone used for authentication can make a user more vulnerable. Also, MFA must be monitored to make sure it is always enabled and running properly.
For a business, when MFA is installed and employed across all user accounts--it provides critical protection of the wealth of data organizations store in Office 365.
Does your organization need to roll out MFA? Don't wait until a breach, contact us today.
