Common Mistakes When Implementing MFA In The Workplace
Do you and your employees use multi-factor authentication (MFA) in your work environment? Well if you don’t, you’ll definitely want to after reading this post!
Recent studies have shown that only 57% of businesses implement MFA in their work environments. Although this number is increasing from previous years, it should be standard by now for all businesses to use it.
Don’t think it will happen to you? Last year Microsoft stated that 99.9% of accounts with reported breaches did NOT use MFA. Trust us, the extra couple of minutes could save you a huge potential headache in the future.
Common Mistakes and Misconceptions
- Only using MFA once is good enough
- Only using MFA for certain systems
- Relying on phone-based SMS MFA - this is not secure
What You Should Be Doing
- Use an authenticator app - this is much more secure than SMS
- Use a security key for an added level of protection
- Ensure MFA is implemented in all systems, not only select systems
- Educate your employees on the importance of MFA
If you’re an employer, you should make MFA mandatory for all employees. If you make it optional, many employees will opt for the easier way (which is no MFA) and that could compromise your company data.
Yes, MFA is annoying at times. It adds a couple of minutes more to your login routines and it may require you to open another device for verification. With that said, if you don’t feel as though the extra couple of minutes are worth it, you’ll think twice when your systems get breached leaving you with extremely costly and time-consuming issues to resolve.