A recent survey published by Microsoft found that 99.9% of compromised user accounts did not use multi-factor authentication (MFA). This is quite a compelling reason to use MFA, which is about confirming the user’s claimed identity by using a combination of at least two factors when signing into a service. This solution, however, gives you much more than you would think. By leveraging its flexibility and customisation options, you can provide a secure and practical system for your company. Zsolt Pótor, Senior Solution Sales Manager at Softline has shared his views on multi-factor authentication and the common myths around it.
Not Just for Banks Anymore
When talking about multi-factor authentication, we usually think of securing access to the company’s financial assets, but the possibilities are virtually unlimited. Due to the undoubted importance of your company’s data and information assets, access to these is critical in terms of security. Whether it’s about entering into internal communications channels (email, chat programs) or accessing a company database, each and every connection can increase the exposure of the organization. Our experts have several solution plans for these situations, offering support from planning through implementation to operating the system.
Well-Designed Solutions Without Lengthy Deployment
Many think that transitioning to multi-factor authentication takes several months to complete. Of course, the time needed to implement the system depends on several factors, but, thanks to our preliminary assessment, we will only secure those processes where MFA is actually required. This is important from several aspects, because for securing access to several systems concurrently, we will recommend compatible solutions to ensure that their implementation and operation will both pay off.
Practicality Instead of Time-Consuming Login
A common myth regarding multi-factor authentication is that once it has been deployed, the user must perform it for each login. In fact, this solution is also flexible and can be adapted to real-world requirements. For example, if the user needs to access multiple systems in a given timeframe then we can create a rule requiring the user to perform multi-factor authentication only the first time they log in during a session on the same computer. No further re-authentication will be required until the session expires. Similarly, we can also configure MFA to be required only when logging in from outside the network, so when on company premises, the user can access the data in a single step. The scenarios mentioned above underline both the essential nature of preliminary needs assessment and the rich opportunities offered by the system.
Starring IT–and Many Others
Although their access to databases and company information impacts how employees do their work, the preliminary assessment among users is often skipped. To implement and deploy a complex and well-working system, the involvement of other business departments of the company is essential. The time invested will really pay off, making it possible to get the system right first time, avoiding subsequent modifications. It is also important to provide additional support to users, whether in the form of online training or electronic tutorials—that’s why we offer comprehensive solutions extending to the period after the deployment as well. We will suggest the most efficient training format based on the various user levels.
Although the field of IT security is quite complex, selecting and combining the proper components allows an efficient and customizable system to be created. If you are interested in learning more about enterprise security, please read our expert’s previous article or contact us today!
Businesses are facing multiple threat types from a variety of endpoints, apps, services and networks. Remote work and hybrid work as the new normal working type, force businesses to revisit ways to streamline and strengthen the security of their environments. In this blog post we summarize a Microsoft study that introduces how businesses can consolidate security with a more cost-effective solution, deliver unified end-user experiences for greater security, and reduce cyber risk with integrated, best-in-class protection.
Google’s newest security and privacy innovations help Google Workspace customers realize the full power of trusted, cloud-native collaboration. This is a short summary of Google’s new levels of trusted collaboration solutions such as Google Workspace Client-side encryption, trust rules for Drive and Drive labels.
The increasing prevalence of cloud-based services, mobile computing, internet of things
(IoT), and bring your own device (BYOD) in the workforce have changed the technology
landscape for the modern enterprise. Today, organizations need a new security model that more effectively adapts to the complexity of the modern environment, embraces the mobile workforce, and protects people, devices, applications, and data wherever they are located. The Zero Trust security model says “never trust, always verify.”
Globalna događanja tijekom 2020. dovela su do neviđene promjene u poslovnoj zajednici te natjerala su brojne organizacije da ubrzaju svoju digitalnu transformaciju. Tvrtke su se rekordnom brzinom morale prebaciti na rad na daljinu ili na hibridne oblike rada omogućujući zaposlenicima rad od kuće. A što se dogodilo s njihovom sigurnošću? Istraživanjem o kibernetičkoj sigurnosti tvrtke Microsoft ispituje se kibernetička sigurnost i upravljanje rizicima u zemljama srednje i istočne Europe (CEE).