Multi-factor authentication should be a standard practice within a business, as phishing attacks are growing more advanced and calculated by the day. MFA can protect your business with an extra level of security to protect your accounts.

There are a few options for setting up MFA within a business. The two simplest options are to download an authenticator app or request to receive SMS codes. When MFA is enforced, users will be prompted to sign into their work account with their email and password. It will then ask them to start the setup. Once you have set up your authenticator account, users will be able to see one-time codes. These refresh every 30 seconds within the app or receive an SMS code when a login attempt is made.

Why should we enforce MFA?

The good thing about using multi-factor authentication is that it doesn’t cause much interference when users are logging in. If you are using Office 365 applications on your PC you will not have to get a code every time. Codes will only be required when logging into browser versions of Office, or from a new PC.

Credential theft will be massively reduced, due to the fact that login attempts from different PCs, without the one-time code will be blocked. If your business has trouble enforcing strong passwords with a minimum of 8 characters and changing them regularly, then MFA enforcement is the way forward for you.

Having multi-factor authentication is also necessary if you obtain a Cyber Essentials or Cyber Essentials Plus certificate.

If you already have multi-factor authentication set up, you may wish to enhance your security further. There are Microsoft licenses available to purchase that learn the behaviour of users.

At SMG Business we would be more than happy to assist you on your MFA journey. Please contact us on 020 7898 3500.

You can check out last week’s blog here.