Now more than ever, Cybersecurity issues are increasing throughout businesses. This danger is being enhanced by so many of us working remotely.
Criminals are becoming more sophisticated with the types of cyber-attacks they perform, so it’s essential that your arsenal of protection is sophisticated enough to keep up.
One defence methodology we recommend using is Multi-Factor Authentication (MFA) whenever possible, especially when it comes to your most sensitive data, e.g., primary email, financial accounts, and critical operational software.
But what is MFA?
Multi-Factor Authentication is an additional step that you should take to increase your security. It adds the extra protection to accounts and information by confirming that you are trying to gain access. MFA relies on two key factors:
Factor 1 – Something you know, i.e. your Microsoft 365 username and password
Factor 2 – Something you have, i.e. your mobile phone
Complex passwords used to be a good level of authentication, but they are no longer enough. The MFA creates an extra layer of security, and it makes it more difficult for the criminals to log in as if they were you.
You have most likely used MFA, for example, logging into a website that then sent a numeric code to your mobile phone, which you then entered to gain access to your account.
Is it easy to set up MFA for Microsoft?
Microsoft 365 and Office 365 all support the MFA for user accounts by using:
- A text message sent to a phone that requires the user to type a verification code.
- A phone call or
- The Microsoft Authenticator smart phone app.
There are multiple ways in which you can enable MFA for Microsoft 365 and Office 365:
- With security defaults
- With Conditional Access policies
- For each individual user account (not recommended)
Since October 21 2019, Microsoft 365 and Office 365 included security defaults on all paid or trial subscriptions.
It is also important to note that MFA is configured per device. If you are using Microsoft 365 on your computer, you will be asked to log on with a username and password, followed by a text sent to your mobile with a code to confirm it is you. If you use Microsoft 365 on your phone or tablet, the same thing will happen.
According to Microsoft, MFA can block 99.9% of compromised account attacks. Therefore, we recommend all businesses have this risk control in place immediately.
Here at SCS, we strongly recommended that you not only use MFA for your Microsoft accounts but across your whole user base. It gives you the confidence that all your information and data is strongly protected.
As well as physically protecting your data and electronic assets, protecting yourself from a cyber-attack also protects your reputation.
If you need any help or advice, please do get in touch with us.