We regularly write about Multi Factor Authentication (MFA) because it is a vital tool in the cyber security armoury. In March we blogged about how important it is to turn MFA on whenever you’re given the opportunity, such as with bank accounts and social media. Today’s blog explains why we need to be proactive in seeking out MFA within business, only using suppliers that provide it as standard.
Phase 1 – email accounts
There are three phases to MFA deployment. Firstly, start with email.
Most cyberattacks arrive via email, so get this base covered first. Think about the amount and type of information that is circulated via email and you soon realise how essential it is to add protection. Not only are our inboxes filled with information, but a lot of the data will belong to our customers. Not only should we protect ourselves and our businesses, but also recognise the responsibilities we have to those that have trusted us. Take that trust seriously and do everything within your power to protect email data.
Your email mailboxes can become a communication gateway if they’re left unprotected. Think about all the information contained within your business systems and how useful it could prove to criminals.
Phase 2 – accounts, payroll and HR systems
Look specifically at MFA for systems used by Accounts, Payroll and HR.
Much of the data stored and used by Accounts and Payroll contains monetary information, such as bank account details. This information is like gold dust for hackers. There is so much data that can be lost to cybercriminals – don’t give them the chance to strike.
Your Human Resources department will also have a wealth of information on current and former employees. Combined with payroll data, there will be enough information to successfully apply for a credit card. So, once you have your email accounts protected, make sure MFA is also protecting your most sensitive systems.
Phase 3 – every portal and system
As an organisation make it policy to only use platforms and suppliers that support MFA. We appreciate that this could appear to add complexity and time to tasks, but it’s time and effort well spent. At Net Primates we won’t sign up for any system or service that doesn’t allow MFA. Trusted suppliers will be keen to help you remain secure; we are all in this together, after all.
Where to start
We always endorse baby steps and don’t want you to feel overwhelmed. Doing something is always better than nothing, so where are you going to start TODAY? Even if you don’t know where to start, make a plan to a find out more. You can always ask us at Net Primates. We’re committed to IT Security – without it we are all targets – and we’ll do whatever we can to help keep you safe.