What is multi-factor authentication — and how will it help your business? Increasingly, Vohkus is working with forward-thinking organisations to explore this technology, helping them to take advantage of a significant security innovation.
Are passwords enough to protect applications and data against unauthorised access? Not according to recent research.
The age of multi-factor authentication
Are passwords enough to protect applications and data against unauthorised access? Not according to recent research. Verizon’s Data Breach Investigation Report says that around 61% of security breaches involve compromised passwords.
Passwords can still play a role. But other authentication factors are vital. They could relate to something you have (like a device or security key), something about you (like your face or fingerprint), your location, or relate to your level of access.
Many of us have become familiar with two-factor authentication in our personal lives. Typically, banks or retailers may ask us to enter passcodes texted to us or they may contact us with automated call-backs.
These extra identity checks with two-factor authentication provide peace of mind. But what about security around access to valuable corporate assets, such as applications and data? Can IT teams securely connect employees — who may be working anywhere —in a cost-effective and convenient way? The simple answer is Yes.
Multi-factor authentication benefits
Cloud-based security platforms, such as Cisco Duo, can now deliver multi-factor authentication for enterprises so they can address risks around compromised credentials and devices. Being able to verify your users’ identities is also important for building a zero-trust architecture security model.
Multi-factor authentication delivers major benefits. You can:
- Become more agile: IT teams can satisfy demand for anywhere, anytime access by the business and the workforce in a fast and scalable way with MFA. You can reduce workflow friction and increase people’s productivity.
- Enhance control: With the best MFA solutions, IT teams can increase visibility and granular control, based on adaptive security policies tailored for the business.
- Save time and costs: With multi-factor authentication, you can centralise access security. Teams can say goodbye endless password-related help desk tickets and password resets.
The power of going passwordless
An innovation such as multi-factor authentication can save employees from the hassles of storing, remembering, and managing passwords across multiple accounts. They don’t have to worry about having them stolen through hacking, phishing, and malware.
That’s because it’s also possible to authenticate without passwords if you have the right tech. Take Cisco Duo Passwordless Authentication for instance. Instead of having to remember a string of letters and numbers, users can authenticate with something about themselves, such their face ID. It’s friction-free for employees and feels more like an instant gesture rather than a laborious typing exercise.
People only have to verify once within a timeframe set by your system administrators. It’s worth taking a closer look at Duo Passwordless Authentication with this helpful guide.
Top tips for multi-factor authentication
Over coming months, many organisations will adopt cloud-based multi-factor authentication. But it’s essential to understand that MFA solutions can vary significantly.
Some deliver the bare minimum to meet compliance requirements, others are clunky and come with limited scope, while the best solutions will be flexible for users but rigid against threats.
Here are five areas to consider when choosing your multi-factor authentication solution:
1) Security impact: How effective is the MFA solution? For example, can it provide access control for managed and unmanaged devices? Will you also get alerts about unusual or suspicious login activities? Strong underlying security and reliability is critical. You need comprehensive protection that will fit your compliance regulations comfortably.
2) User adoption: It’s vital that employees embrace multi-factor authentication, so it needs to be ultra-easy to use and fit your preferences. Does the solution offer all the methods you might want, including U2F, SMS passcodes, mobile OTP, phone callback and security? Passwordless methods can make a big difference to adoption. Ask the MFA provider about their methods, capabilities and approach.
3) Strategic fit and APIs: It’s important to be able to provide smooth and user-friendly authentication in a consistent way across all your platforms and services — not just ones linked to a specific vendor you use today. Pick an MFA solution with out-of-the-box API integration capabilities across virtual private networks (VPNs), remote access gateways, cloud apps, on-premise tech, and bring your own device (BYOD). This adaptability will give you multi-factor authentication without compromise.
4) Deployment and control: Make sure you select cloud-based technology that can be added rapidly to any existing environment or platform. For example, the self-enrolment feature offered by Cisco Duo makes it easy for users to get set up. Rather than spending vast amounts of time on onboarding, your IT team can control access with tailored policies and get deep insights via an intuitive dashboard.
5) Total cost of ownership: Some MFA solutions may come with a highly-attractive price tag. But beware of hidden costs that might include upfront fees, capital investment, licensing, support and maintenance. Some solutions might demand of chunk of time from professional services as well as ongoing operation and administration costs. Bills can snowball. It’s much better to pick a solution with a simple subscription model priced per user, billed annually and without extra fees for new devices or applications.
Why SASE architecture is so relevant
Multi-factor authentication fits into a bigger picture where network and security functions are coming closer to users and devices, at the edge. Known as secure access service edge (SASE) architecture, this cloud-based, as-a-service model provides secure access and protection for applications and roaming users without you needing additional hardware.
As a Cisco Premier Integrator and Select Provider Partner, Vohkus is at the forefront of this exciting convergence of networking and security functions in a more integrated way. We’re helping companies to navigate their journey with SASE architecture and reap huge benefits around simplicity and scalability. You can explore the topic here.
Dig deeper into the topic of multi-factor authentication with Vohkus and get the free trial now available for Cisco Duo MFA security. And if you’ve got any questions, please contact our expert team. We’ll be glad to help you explore the benefits of multi-factor authentication.