A remote workforce requires IT to ensure employees have access to the resources they need, all while maintaining security throughout the business. The first step to securing a remote workforce is granting access to an employee, and the next step is for IT to ensure the employee logging in is who they say they are. Authentication technologies help IT verify that the user logging in is legitimate. This is particularly important with a remote workforce, when every employee logging in is outside of the traditional corporate perimeter.
Breaking Down MFA
Multi-factor authentication (MFA) requires employees to authenticate with two or more factors in the login process. MFA is conceptually broken down into three categories: something you know (a password), something you have (a mobile device) and something you are (a biometric). Examples of authentication factors include a traditional password, biometric, push notification, time-based one-time passcode (TOTP), SMS text, and email among other options.
MFA is even more crucial in a time where 80% of data breaches are caused by passwords alone, and phishing attacks are spiking globally upwards of 40%. Now more than ever, phishing schemes are targeting remote employees with malware and spam with the intention of gaining fraudulent access into their corporate system. A recent study even found that on average 26.5% of recipients who were sent a malicious email clicked on a link in the email, thus exposing the business to risk.
MFA on business resources doubles the layer of security, which helps IT teams ensure the user logging in is the employee themselves. In the event that a password or workstation is compromised, or if an employee clicks through a phishing campaign, MFA would prevent the hacker from gaining access into the system; the hacker would not be able to replicate a biometric, or accept a push notification on a mobile device that is not physically in their possession. MFA helps prevent against this risk and keeps remote workers operating securely.
Stronger Security, Without Slowing Employees Down
One consideration that is important to note regarding MFA is to make sure you are enforcing security, in a way that does not inhibit employees from getting their work done. Two ways to consider balancing security with ease of use are through contextual and passwordless authentication:
Contextual Authentication
Contextual authentication is a type of MFA that adapts authentication requirements based on the context of the login. The time of day, the geographic location and the IP address in which the user is attempting to authenticate from all play a role on whether the user should be successfully authenticated. Contextual authentication can help IT teams gain deeper context into the login to enforce stronger MFA requirements for suspicious activity, while employees are able to simply authenticate.
Passwordless Authentication
Passwordless authentication enables an employee to securely log into their work without having to type a traditional username and password. An example of a passwordless login would be when an employee attempts to log in and receives a push notification to their mobile device (authentication factor one) and after accepting the push notification, would scan their fingerprint on their mobile device to prove their identity (authentication factor two). The employee would complete two or more factors in alignment with the MFA policy, all without typing a password which is an easier experience.
Our Recommendation: Add MFA Everywhere You Can
While there are many options and different facets of MFA to choose from, our recommendation is a simple one: add MFA everywhere you can. And when we say everywhere, we mean business applications, mobile devices and workstations, and the corporate VPN. By doing so, MFA can help secure every employee login regardless of where that login is coming from.
As businesses worldwide are working remotely, now is more important of a time than ever to ensure every access point in the business is protected. As more and more cybercriminals capitalize on the opportunity for hacking, MFA is one simple and secure method to thwart the risk and secure your remote workforce.
If you’re interested in learning more about MFA, check out our Guide to Multi-Factor Authentication.
