Why Multi-Factor Authentication Is a Must

11/30/2017  |  By: Sese Bennett, CISSP, CISM, QSA, ITIL, HITRUST CSF, Senior Manager, Information Security


While attacks on organizations have become more complex over the years, basic attacks—such as email phishing—that can be done by almost anyone are still rather effective ways of gaining access to an organization’s most sensitive and critical information. While many organizations deploy multiple security controls designed to reduce their attack footprint and insulate their data and systems against attack, those protective controls are nullified if an attacker can obtain a valid set of user credentials to the environment. Multi-factor authentication has evolved as the single most effective control to insulate an organization against remote attacks and, when implemented correctly, can prevent most threat actors from easily gaining an initial foothold into your organization, even if credentials become compromised.

What is Multi-Factor Authentication?

Multi-factor authentication is the process of identifying users by validating two or more “factors,” or characteristics that are unique to that user. Three different characteristics are often used as factors in the authentication process: something you have, something you know, and/or something you are. Common implementations of multi-factor authentication combine the “something you know” factor (e.g., a password) with “something you have” (e.g., a one-time passcode sent to your smartphone or provided via a token). While authentication is the process by which a computer validates the identity of a user (e.g., with a username and password), multi-factor authentication adds an additional layer of protection and security against one of the most common types of breach—compromised credentials. Without the added layer of security through multi-factor authentication, it is more difficult to truly verify that the user who accessed the system is who they say they are, because passwords are still very easy to guess, crack, or steal.

What are the Benefits of Multi-Factor Authentication?

Implementing multi-factor authentication across an organization’s Internet-facing assets is one of the most effective ways to prevent unauthorized access to sensitive data. Multi-factor authentication, when implemented correctly, can be used to safeguard often overlooked points of authentication, such as email and business applications. Without this extra layer of protection, an attacker can exploit an exposed email account or compromise a poorly-protected application to gain access to additional user information—or even worse, use the compromise as a “foothold” to escalate privileges and gain superuser access to the entire environment.

An often-overlooked benefit of multi-factor authentication is seen when threat actors attempt to authenticate to an account with multi-factor authentication enabled, and the targeted employee receives the second authentication factor. The employee, if trained properly, should recognize the compromise and report it to his or her security or IT department for resolution and further prevention.

How Can Multi-Factor Authentication Be Applied?

Multi-factor authentication can be used in any scenario (internal or external) where an additional layer of protection and security against compromised credentials is required. One of the most important applications of multi-factor authentication is its use for accessing and managing network environments remotely. Since accessing remote environments does not require an attacker to be physically present in order to gain access to a computing resource, it creates a layer of anonymity that an attacker can use to their advantage. Whenever talking about remote access, we also want to think about a secondary control like multi-factor authentication to ensure that whoever is accessing the remote resources is truly who they say they are. Multi-factor authentication provides this assurance in remote environments and is highly recommended for any remote access, and especially so for remote administration of cloud services.

With the increase of cyber-attacks on organizations, password strength cannot be relied on as the only layer of protection for an organization to prevent threat actors from gaining unauthorized access. Although not bullet-proof, multi-factor authentication is a proven way to lessen the likelihood of a data breach via a compromised password. Want to learn more about how LBMC Information Security’s experts can help your organization prevent an attack through multi-factor authentication? Contact us today!
