Organisations today are challenged by the need to enable user access from anywhere on any device, while ensuring the security of business data. With the rise of cloud and mobile technologies, come ever-evolving threats. At the heart of many of these attacks is user identity. Stolen and weak passwords are used in 81%* of all hacking-related security breaches and 95% of phishing attacks, that lead to a breach, are followed by some form of malicious software installation.
High risk levels are amplified by users’ risky password habits:
Luckily, Microsoft provides access to Multi Factor Authentication (MFA) for all Microsoft 365 subscriptions. We highly recommend that you enable MFA for all users in your business.
What is MFA?
MFA simply means that more than one method, or factor, of authentication may be required in order to access an application or service. Being prompted for a password during log on is considered as evidence of your identity. Unfortunately, this method alone has become an increasingly weak method of proof. By introducing MFA, you will be asked for at least one more way to prove it is you logging on. This may be a phone call, a text message or a PIN. You may already be following this process when completing online banking. A bank will typically ask for parts of your password, as well as parts of your PIN. They are two factors of authentication. Most shopping websites and social media sites are also implementing and, in some instances, enforcing MFA.
How does it work?
Once enabled, MFA will be automatically applied when logging on to an application or service. These are typically applications that form part of Microsoft 365 such as: Outlook, SharePoint, Teams and OneDrive. However, it can also be extended to third party cloud based and on-premise applications.
During initial registration, you will have the option to specify your preferred secondary factor of authentication, over and above your password. The options you have will vary depending on your Microsoft 365 plan but, at a minimum, you can use the Microsoft Authenticator app to either receive a verification code or a notification.
Once set up is complete, the app will send a pop-up notification immediately after you enter your password, the next time you log in. This pop-up is your second factor of authentication. All you need to do is approve the request with a tap and you are logged in.
Why do I need it?
Most organisations will have at least some data stored in the cloud. Without MFA, this data is protected by no more than a weak password. If that password is leaked, your data and your identity, is in someone else’s hands. Accounts with MFA enabled are up to 99.9% less likely to be compromised. This is because passwords are easily targeted by phishing, social engineering, poor user habits and persistent attacks. MFA immediately increases account security by requiring multiple forms of verification when signing into an application.
How do I get it?
The good news is that MFA is available to all licensed Microsoft 365 users, regardless of the plan you are on. It just needs to be configured and enabled.
How can LIMA help?
Introducing MFA could have a big impact on the user experience, especially while working remotely. That’s why it is essential that the proper amount of planning is completed before making any changes.
The key to a successful roll out is to understand how, when and where you want MFA to be involved. Do we need it enabled for everyone all the time? What about corporate devices and known locations? How frequently should we prompt and for which applications?
These are just a few common questions that need to be asked. We also need to send out awareness material that MFA is coming, document the onboarding process for the users and be prepared for any teething issues once people are enabled.
These are all areas where LIMA can help. We can work with you to find the best way to introduce MFA, that delivers the optimal blend of security and user experience. What’s more, as experts in the design, implementation and management of Microsoft 365, we can provide ongoing support and management of the solution as part of our LIMA365 managed service offering.
Speak to your account manager or email firstname.lastname@example.org to find out more about how LIMA can help secure your mobile workforce with LIMA365.
For the past 20 years, we’ve been solving business challenges by designing and delivering intelligent IT solutions with a passion for technical excellence and customer satisfaction.
If you have a question you'd like to ask, we’d love to answer it.
Fill in the contact form below and we’ll get back to you as soon as possible.