A recent survey published by Microsoft found that 99.9% of compromised user accounts did not use multi-factor authentication (MFA). This is quite a compelling reason to use MFA, which is about confirming the user’s claimed identity by using a combination of at least two factors when signing into a service. This solution, however, gives you much more than you would think. By leveraging its flexibility and customisation options, you can provide a secure and practical system for your company. Zsolt Pótor, Senior Solution Sales Manager at Softline has shared his views on multi-factor authentication and the common myths around it.
Not Just for Banks Anymore
When talking about multi-factor authentication, we usually think of securing access to the company’s financial assets, but the possibilities are virtually unlimited. Due to the undoubted importance of your company’s data and information assets, access to these is critical in terms of security. Whether it’s about entering into internal communications channels (email, chat programs) or accessing a company database, each and every connection can increase the exposure of the organization. Our experts have several solution plans for these situations, offering support from planning through implementation to operating the system.
Well-Designed Solutions Without Lengthy Deployment
Many think that transitioning to multi-factor authentication takes several months to complete. Of course, the time needed to implement the system depends on several factors, but, thanks to our preliminary assessment, we will only secure those processes where MFA is actually required. This is important from several aspects, because for securing access to several systems concurrently, we will recommend compatible solutions to ensure that their implementation and operation will both pay off.
Practicality Instead of Time-Consuming Login
A common myth regarding multi-factor authentication is that once it has been deployed, the user must perform it for each login. In fact, this solution is also flexible and can be adapted to real-world requirements. For example, if the user needs to access multiple systems in a given timeframe then we can create a rule requiring the user to perform multi-factor authentication only the first time they log in during a session on the same computer. No further re-authentication will be required until the session expires. Similarly, we can also configure MFA to be required only when logging in from outside the network, so when on company premises, the user can access the data in a single step. The scenarios mentioned above underline both the essential nature of preliminary needs assessment and the rich opportunities offered by the system.
Starring IT–and Many Others
Although their access to databases and company information impacts how employees do their work, the preliminary assessment among users is often skipped. To implement and deploy a complex and well-working system, the involvement of other business departments of the company is essential. The time invested will really pay off, making it possible to get the system right first time, avoiding subsequent modifications. It is also important to provide additional support to users, whether in the form of online training or electronic tutorials—that’s why we offer comprehensive solutions extending to the period after the deployment as well. We will suggest the most efficient training format based on the various user levels.
Although the field of IT security is quite complex, selecting and combining the proper components allows an efficient and customizable system to be created. If you are interested in learning more about enterprise security, please read our expert’s previous article or contact us today!
Businesses are facing multiple threat types from a variety of endpoints, apps, services and networks. Remote work and hybrid work as the new normal working type, force businesses to revisit ways to streamline and strengthen the security of their environments. In this blog post we summarize a Microsoft study that introduces how businesses can consolidate security with a more cost-effective solution, deliver unified end-user experiences for greater security, and reduce cyber risk with integrated, best-in-class protection.
As cyberattacks are becoming more frequent and sophisticated companies can’t afford to approach cybersecurity as an afterthought. Addressing the following three key areas could be a great starting point for any SME to include on their cybersec roadmap:
1. Face up to the technical debt
2. Factor cyber resilience into your security plans
3. Practice good digital hygiene
Learn more about the details and be prepared in the event of an attack.
Microsoft’s IoT Signals 2021 report gives a holistic view of the IoT ecosystem, providing insight into adoption rates as well as benefits, challenges, and emerging trends. In this article we summarize the conclusion of the report why organizations decide adopting IoT.
Идентичност, крайни точки, приложения, мрежа, инфраструктура и данните са важни връзки в цялостната
верига на модела за сигурност Zero Trust. Microsoft поддържа сигурността Zero Trust чрез множество слоеве на защита. По-долу са описани шестте слоя за сигурност Zero Trust и как да ги защитите.