Ethan often gets asked about setting up MFA, or Multi-Factor Authentication. Clients want to know what ComTech recommends, the best way to set it up, and if there are any pitfalls to be aware of due to the numerous options available. Here we will explain those best practices and provide examples.
What is Multi-Factor Authentication (MFA)?
First, let's define MFA. Multi-Factor Authentication is a security system that requires more than one method of authentication to verify a user's identity for a login or other transaction. The easiest example is logging into Facebook. You enter a username and password, which together count as one piece of evidence. Then Facebook might send a text message to your cell phone with a code you must enter, which is the second piece of evidence.
Why Everyone Should Use MFA
It is highly recommended to set up MFA on all accounts that offer it. This is a crucial way to prevent unauthorized access to your accounts, whether it's social media, bank accounts, or credit cards. With multiple factors in place, extra layers of security are added, making it significantly harder for someone to gain access.
Different MFA Methods and Recommendations:
Here's the order of recommendation for how to set up MFA:
1. Authenticator App with Biometric: This is the top recommendation. Use an authenticator app on your phone where the only way to get into that app is with a biometric, such as a facial scan or a fingerprint. As of now, this is the most secure method.
2. Phone Call Verification: If an authenticator app with biometric is not available, the next best method is a phone call. The organization will call the cell phone to verify identity.
3. SMS/Text Verification: While common, SMS or text is not as secure as the previous methods. It's simple and widely used, but it is recommended to prioritize app or phone call verification if possible.
4. Email Verification: This is the least secure option and should only be used if the other methods are unavailable. Email can be easily compromised, making it a last resort for MFA.
The Importance of Multi-Device Authentication
One critical tip is using multiple devices for MFA. Ideally, set it up so a separate device is used for the second factor. For example, when you log into Facebook on a computer and need to get a code from an email on that same computer, it's not very secure. The preferred setup is to receive the code on a separate device, like a cell phone.
Why is this important? If a hacker gains remote control over the computer, the hacker could log into the accounts, check the email for the code, and gain access. However, if the code is sent to a cell phone, the suspicious activity will be noticed and the unauthorized access can be prevented.
Train Your Staff to Become CyberHeroes!
Have your staff had an in-person cybersecurity training lately? If not, learn more about our CyberHero Academy! Not everyone has the superpowers they need to identify and shut down cyberthreats. But after going through this academy, they will! This academy is FREE and we will cover:
- Multi-Factor Authentication (MFA): Detailed setup and best practices.
- Identifying Email Threats: How to recognize phishing attempts and other email-based threats.
- Response to Hacks: What to do if your system is compromised and how to mitigate damage.
- And So Much More!
These sessions are designed to empower staff with the knowledge and skills to protect your organization. Sign Up Here: https://comtechnc.com/cyberhero-academy
Implementing MFA is a straightforward yet powerful way to secure accounts against unauthorized access. Using authenticator apps with biometrics or phone call verification, with SMS or email as a last resort, adds essential layers of security.
Don't wait—start securing your accounts today! For more information on IT support or if you need assistance, don't hesitate to Contact Us.