The Importance of Multi-Factor Authentication (MFA)
February 7, 2022
As cyber attacks continue to rise at a staggering pace within the transportation sector– increasing 186% between June of 2020 and June of 2021– it’s become crucial to take advantage of the tools available to defer criminals from targeting your business.
Multi-factor authentication (also commonly called MFA, 2FA or two-factor authentication) is a critical component of your ability to avoid becoming a victim of a cyber-attack. If your organization completes electronic payments to and from clients, shares valuable client or employee data via email, or simply stores its financial data on devices, it is extremely important that, along with additional cyber-safety training, you consider a MFA solution.
While no cyber security method is foolproof, using multi-factor authentication can add an extra layer of security to your online accounts. So how exactly does multi-factor authentication work?
What Is Multi-Factor Authentication?
While complex passwords can help deter cyber criminals, they can still be cracked. To further prevent cyber criminals from gaining access to employee accounts, MFA is key.
Multi-factor authentication adds a layer of security that allows companies to protect against compromised credentials. Through this method, users must confirm their identity by providing extra information (e.g., a phone number or unique security code) when attempting to access corporate applications, networks and servers.
With multi-factor authentication, it’s not enough to just have your username and password. In order to log in to an online account, you’ll need another “factor” to verify your identity. This additional login hurdle means that would-be cyber criminals won’t easily unlock an account, even if they have the password in hand.
A more secure way to complete multi-factor authentication is to use a time-based one-time password (TOTP). A TOTP is a temporary passcode that is generated by an algorithm (meaning it’ll expire if you don’t use it after a certain period of time). With this method, users download an authenticator app, such as those available through Google or Microsoft, onto a trusted device. Those apps will then generate a TOTP, which users will manually enter to complete login.
Why Multi-factor Authentication and Password Management Is Important
Due to the increasing number and severity of cyber-attacks, and the ballooning costs associated, it has forced most insurers to more closely examine the security policies and procedures insureds have in place. History has shown that implementing MFA is incredibly effective at combating cyber-attacks, and as such, cyber insurers have begun requiring organizations to implement MFA in order to receive coverage.
Obtaining cyber coverage without MFA in place is very difficult and without it, your business will most likely encounter less coverage options. Having become a standard part of the cyber insurance application, many underwriting partners will not even consider applicants who have not implemented some form of MFA on their devices. Proactively preparing for this is key to obtaining the best coverage on the market.
Furthermore, ongoing password management can help prevent unauthorized attackers from compromising your organization’s password-protected information. Effective password management protects the integrity, availability and confidentiality of an organization’s passwords.
Above all, you’ll want to create a password policy that specifies all of the organization’s requirements related to password management. This policy should require employees to change their password on a regular basis, avoid using the same password for multiple accounts and use special characters in their password.
As a client of Cottingham & Butler, we want to work with you to understand why implementing MFA into your IT practices is so critically important and provide you with solutions to make the process as seamless as possible. Some solutions we provide include:
- Vulnerability scans of your network to identify potential opportunities to protect your business.
- Consulting services to help develop a cyber strategy.
- Implementation services that are designed to help you select, design, and implement a MFA solution as well as other key network security components.
As a business owner, you can choose to improve security and protect your business proactively, or sit back and take a reactive approach. Here at Cottingham & Butler, we firmly believe it’s not if, but when and how severe, which is why we recommend completing our free cyber insurance risk assessment to know your gaps and build a plan to protect your operations from the inevitable.
Contact your Cottingham & Butler representative to learn more.