More employees are working remote than ever before. As convenient as it can be for employees, remote work introduces unique risks that businesses need to prepare for. With more devices in use outside the direct purview of IT, organizations need a strategic approach to protect themselves from unauthorized access and data breaches, without inconveniencing employees. If organizations could make one change in their IAM strategy to better secure a remote workforce, what should it be?
Based on our recent research with IDG on the impact of remote work to IAM, 62% of IT decision makers believe multifactor authentication (MFA) is the most effective way to secure their remote workforce. With the right MFA solution, employees enjoy a frictionless login experience while strong security protocols thwart cyber-attacks.
Defining MFA
What do we mean by MFA? Many people are familiar with the term “two-factor authentication”, or 2FA. 2FA refers to the use of two factors (typically something you know and something you have) before granting access to something.
MFA goes one step further by requiring two or more factors before granting access. This may include something you know (a password), something you have (a phone), and something you are (biometrics like a fingerprint).
With MFA, a user is required to enter not only the username and password to access a business resource, but to also swipe a finger or scan their face from a “trusted” device. These elements are used to more accurately verify that the user is who they say they are, before granting access. High-risk scenarios or suspicious activity can trigger additional login requirements or verification steps.
Since passwords are so vulnerable – whether to phishing, social engineering, even brute-force – adding MFA strengthens the security of any password-protected account. Any access point, as well as business resources – from VPNs to SaaS apps – can be secured with MFA.
MFA Options
The challenge with MFA is balancing security with user experience. Though security is important, it should be as invisible as possible and avoid creating more friction. Clunky hardware and manual authentication steps can slow down employees and cause frustration. Leveraging what the user already has and can easily access – like their smartphone, and their fingerprint – offers a much more convenient experience for employees.
For businesses looking to add MFA to secure a remote workforce, consider a solution that offers passwordless authentication. With the use of biometrics on a user’s phone, passwordless authentication can verify a user and securely connect them without the traditional step of entering a username and password.
Biometric authentication is an ideal choice because many employees are already familiar with them. Biometrics tend to be easy to set up and use, and the employee always has what they need, while offering a high degree of security. With a simple swipe of a fingerprint or scan of a face on their personal smartphone, an employee can quickly gain access to work resources while giving IT visibility into and control over employee access.
The value of MFA everywhere
The advantages of MFA have been widely known, but in the age of remote work its use is more critical than ever. With so many devices, websites, apps, Wi-Fi networks, and other technology outside the direct control of IT, businesses need to go on the defensive with their cybersecurity strategy. That means making it harder for attackers to gain unauthorized access and requiring employees to provide more reliable “proof” of who they are.
Organizations looking to pivot their IAM strategy in the work-from-anywhere era should implement MFA everywhere. Password-protected accounts and SSO-enabled apps alike can benefit from requiring MFA. VPNs, databases, and on-premise software should also be secured with MFA. By implementing an MFA solution that leverages biometric authentication, businesses can deliver an experience that’s easy to use while locking down corporate data to minimize the risk of data breach in the age of remote work.
