Cloud Technology & IT Security Specialists Ask a question 01223 921 000 Client Area

Multi-Factor Authentication and why it’s crucial when you’re working from home

There has been a definite trend towards a generally more mobile, distributed workforce for years now – this also includes remote workers. 

However, the onset of the COVID-19 pandemic has catalysed a necessary acceleration for many industries that they might not be adequately prepared for. 

With the world on lockdown, even major organisations such as Google, Amazon and JPMorgan Chase have asked their employees to work from home for the foreseeable future and working from home for companies this vast and important could pose a significant security risk. 

That’s why multi-factor authentication (MFA) needs to be considered not just for these gigantic companies but for any organisation making the shift to a largely remote infrastructure for the time being, particularly if they are working through a cloud-based portal.

Thinking beyond perimeters

The solution that many remote workers have turned to for years to keep their work safe is the use of a virtual private network (VPN) and whilst this is indeed a legitimate solution for many, when used alone it can still be hacked. 

A great option is a centralised authentication service that relies on multi-factor authentication so that organisations are less susceptible to the inherent weaknesses of many VPNs.

Beyond password protection

The common logic in the past was to simply password-protect everything, but passwords alone are rarely enough when you’re working with ‘big’ consumer data, which is increasingly valuable to hackers and other nefarious online groups. 

The vast majority of passwords are duplicates and can easily be traced, particularly if employees use that same password on less secure or unapproved apps. 

Fittingly, passwords need to be augmented with a layered combination of authentication factors that can include anything from a dongle or smart card to biometric scanning and even behavioural actions. 

These are so much easier to implement now thanks to the fact that so many of us already own smartphones and computers that utilise this technology. As such, we use our fingers to unlock our phones now, so why shouldn’t the same measures be taken when accessing our work from home?

A Verizon data breach investigation found that roughly 29% of all cybersecurity attacks were made using stolen passwords and even the strongest and most cryptic passwords can be broken with enough effort. 

With so many of us now working from home due to the coronavirus pandemic, all organisations shouldn’t just be asking their employees to make their passwords stronger, they should be instigating more elaborate MFA measure.

But what MFA options are available (and affordable) for companies operating during this unprecedented time?

MFA options

Digital token – This will take the form of an SMS message or an email often containing a bespoke PIN number that’s used as a one-time password. Moreover, you could also use a phone call to generate this code. Some platforms also allow login via social media platforms but be aware that these are prime targets for hackers.

Physical token – This will be a USB key or card that can be used to generate a secure password. This device will generate a unique code every time it’s used.

Mobile device – Using an app such as Google Authenticator on your smartphone or tablet you can add an extra layer of security that requires a password and a unique app-based login.

Biometrics – Fingerprints and retinal scans used to be the stuff of science fiction but now we use them every day. Privacy concerns might hold some companies back from instigating such a supposedly ‘invasive’ option but it’s very hard to fake a fingerprint.

The benefits of MFA

Multi-factor authentication is rapidly becoming standard amongst major tech companies and in a world that’s being forced to expedite the move towards a remote working future, it’s a standard that should also be considered by everyone else.

An MFA offers better security for both customers and employees, more secure logins, greater customer trust and reduced operating costs, as there can be few events as costly as a data breach.

With so many MFA options to chose from, it’s a flexible way to balance customer experience and modern security requirements in a way that reflects your goals. It’s also increasingly easy to implement. 

And, if you’re still on the fence, ask yourself this question – would you really be happy with just one lock on your front door in a time of crisis?