How Multifactor Authentication (MFA) Can Help Protect Against Cyber Threats [Video]
Text, Travelers. Why Implement Multifactor Authentication?
Animation of a laptop and a smart phone. The number 1 on the laptop, number 2 on the phone. Each with five asterisks under the number.
Multifactor authentication or MFA is one of the most important security controls for your organization.
A red circle around the two devices. It deflects icons of a bug, an X, letter with a skull, and an eye. Then graphics depict files chained under a padlock, and a fishing hook next to a file.
It can help prevent cyber criminals from accessing a business's system or from infiltrating a network, which can lead to ransomware attacks and other cybercrime schemes perpetrated against your organization.
Text, What Is It?
Three graphics. The first, a sign in window with five asterisks under User Name. The second includes a padlock next to a video camera icon. The third is a fingerprint graphic.
Multifactor authentication is the use of two or more authentication factors to verify a user's identity before granting access.
It can be one, something you know, like a password or a passphrase. Two, something you have, like a smart card, a token, or an authenticator app on a smartphone. Three, something you are, including a biometric marker like your fingerprint.
Text, Why Is It Critical?
A password strength indicator under, Create Password
The truth is user credentials and passwords can be the weakest link as cyber criminals continue to become more sophisticated.
A thin dotted line curves over digital devices with a padlock in the middle. The addition of Multifactor Authentication adds a second dotted line with a red highlight.
Multifactor authentication adds an additional layer of security making it much more difficult for business systems to be accessed by criminals. In fact, 99.9% of account compromised attacks can be blocked by implementing MFA. And all too often ransomware victims were not using MFA before their compromise.
In an animation, an arrow trashes a skull letter. Text, What Should Be Protected?
Dotted lines move between laptops, cloud and servers.
One, remote network access. MFA can help reduce the potential for network compromise due to lost or stolen passwords.
A key over a cloud. A list of Privileges between a hooded man at a laptop and the cloud.
Two, privileged and administrative accounts. MFA can help prevent intruders from elevating privileges and gaining broader access to an already compromised network, which they then could use to successfully deploy ransomware across the network.
Dotted lines move between laptops, a cloud and email window, and servers.
remote access to email. Using MFA to access email through a web browser or cloud-based service can help prevent intruders from accessing email accounts, which can be used in cybercrime schemes against your organization, your clients, and your customers.
Graphics of a skull, X, hooded man, eye and bug. A cover closes on on them with a padlock and the text, MFA.
Start protecting your organization with MFA to help close the virtual front door to would-be intruders.
To learn more about multifactor authentication, visit travelerscanada.ca.
Text, Travelers Canada, 165 University Avenue, Toronto, Ontario, M5H 3B9. This material is for informational purposes only. All statements herein are subject to the provisions, exclusions and conditions of any insurance policy issued by travelers Canada. It is not a representation that coverage does or does not exist for any particular claim or loss under any such policy. Coverage depends on the facts and circumstances involved in the claim or loss, all applicable policy provisions and any applicable law.
Cybercrime is an ongoing threat for organizations, with incidents such as ransomware attacks, fraudulent sign-in attempts and breaches due to stolen credentials continuing to rise. And no organization is safe – cyber criminals target businesses large and small. During the first half of 2021, ransomware attacks across the globe skyrocketed by 151%, and the Cyber Centre in Canada reported 235 ransomware incidents targeting Canadian organizations between January 1 and November 16, 2021. 1
Now more than ever, organizations need to take all necessary precautions to secure their systems and data. Passwords alone are not enough. Multifactor authentication (MFA) can help stop cyberattacks in their tracks, blocking 99.9% of account-compromising attacks.2
What Is MFA?
MFA is a security method that requires the use of two or more authentication factors to verify a user’s identity. MFA is often used to verify users who are accessing an organization’s network or their email remotely, or accessing privileged or administrative accounts. MFA provides greater assurance that users are who they say they are and helps keep data and business systems safe even if one set of credentials (such as a user ID and password) has been compromised.
How Does MFA Work?
To verify a user’s identity prior to granting access, MFA uses authentication factors that fall into at least two of three categories:
- Knowledge – Something only the user knows, such as a password, PIN or answers to personal security questions.
- Possession – Something only the user has, such as their smartphone, a smart card or a software token.
- Biometric – Something that is unique to the user, such as a fingerprint or retinal scan.
For example, when logging in to an organization’s network, the first authentication factor may be the user’s standard username and password credentials. The second factor may include a one-time passcode sent to the user’s smartphone, which can only be accessed by using a third factor, such as a matching fingerprint.
As a general rule, the more authentication factors required, the more robust the security. MFA also requires that these authentication factors be independent of one another. If one factor grants access to another factor, the integrity of the structure could be compromised.
Why Should You Use MFA in Your Business?
The average cost of a data breach was $4.24 million in 2021,3 which is a concerning factor for organizations of all sizes. MFA can be a strong component of an organization’s security strategy for many reasons:
- Limits digital credential theft. MFA makes it more difficult for criminals to steal digital credentials and limits the usefulness of the stolen credentials. Even if a hacker gains access to your employees’ usernames and passwords, they’re unlikely to have access to the additional factors required to log in, such as the user’s fingerprint or the smartphone to which a one-time passcode has been sent.
- Strengthens existing systems. Other cybersecurity solutions, such as firewalls and anti-virus protection, are only as strong as the authentication steps that protect them. MFA helps make existing security systems stronger.
- Protects high-value targets. Administrative and executive accounts are high-value targets for hackers seeking to gain broader access to a network – and the sensitive business information contained therein. MFA can be used specifically to protect these accounts.
- Deters cyber exploits. Cybercrime involves more than stealing information. With MFA, you can also deter hackers from destroying data, deploying ransomware, changing programs and transmitting spam or malicious code throughout an organization’s systems.
- Secures email access. Intruders often use email access to carry out cyber schemes against businesses, their clients and customers. MFA can help minimize the risk of criminals gaining remote access to a user’s corporate email account.