How Multifactor Authentication (MFA) Can Help Protect Against Cyber Threats [Video]
The Travelers logo with red umbrella. Text, Why Implement Multifactor Authentication?
Animation. The screen of a laptop displays a 1 above five asterisks. A smaller window displays a 2 above the asterisks. A red line circles the laptop.
Multifactor authentication, or MFA, is one of the most important security controls for your organization.
Graphics of a bug, an X, a skull and crossbones in an envelope, and an eye, bounce off the red circle.
It can help prevent cyber criminals from accessing a business's system or from infiltrating a network, which can lead to ransomware attacks and other cybercrime schemes perpetrated against your organization.
Text, What is it?
Multifactor authentication is the use of two or more authentication factors to verify a user's identity before granting access. It can be-- one, something you know, like a password or a passphrase; two, something you have, like a smart card, a token, or an authenticator app on a smartphone; three, something you are, including a biometric marker like your fingerprint.
Why is it critical?
The truth is, user credentials and passwords can be the weakest link as cyber criminals continue to become more sophisticated.
A blue dotted line arches over multiple tech devices; a small padlock in the center. The padlock grows larger with the addition of a second dotted line.
Multifactor authentication adds an additional layer of security, making it much more difficult for business systems to be accessed by criminals.
In fact, 99.9% of account-compromised attacks can be blocked by implementing MFA. And all too often, ransomware victims were not using MFA before their compromise.
What should be protected?
One, remote network access. MFA can help reduce the potential for network compromise due to lost or stolen passwords.
Two, privileged and administrative accounts. MFA can help prevent intruders from elevating privileges and gaining broader access to an already compromised network, which they then could use to successfully deploy ransomware across the network.
Three, remote access to email. Using MFA to access email through a web browser or cloud-based service can help prevent intruders from accessing email accounts, which can be used in cyber crime schemes against your organization, your clients, and your customers.
Start protecting your organization with MFA to help close the virtual front door to would-be intruders. To learn more about multifactor authentication, visit travelers.com.
Travelers Casualty and Surety Company of America and its property casualty affiliates. One Tower Square, Hartford, CT 06183. This material does not amend, or otherwise affect, the provisions of any insurance policy issued by Travelers. It is not a representation that coverage does or does not exist for any particular claim or loss under any such policy. Coverage depends on the facts and circumstances involved in the claim or loss, all applicable policy provisions, and any applicable law.
Cyber crime is an ongoing threat for organizations, with incidents such as ransomware attacks, fraudulent sign-in attempts and breaches due to stolen credentials continuing to rise. And no organization is safe – cyber criminals target businesses large and small. According to the Federal Bureau of Investigation, there has been a 69% increase in internet crime in 2020, with reported losses exceeding $4.1 billion.1
Now more than ever, organizations need to take all necessary precautions to secure their systems and data. Passwords alone are not enough. Multifactor authentication (MFA) can help stop cyber attacks in their tracks, blocking 99.9% of account-compromising attacks.2
What Is MFA?
MFA is a security method that requires the use of two or more authentication factors to verify a user’s identity. MFA is often used to verify users who are accessing an organization’s network or their email remotely, or accessing privileged or administrative accounts. MFA provides greater assurance that users are who they say they are and helps keep data and business systems safe even if one set of credentials (such as a user ID and password) has been compromised.
How Does MFA Work?
To verify a user’s identity prior to granting access, MFA uses authentication factors that fall into at least two of three categories:
- Knowledge – Something only the user knows, such as a password, PIN or answers to personal security questions.
- Possession – Something only the user has, such as their smartphone, a smart card or a software token.
- Biometric – Something that is unique to the user, such as a fingerprint or retinal scan.
For example, when logging in to an organization’s network, the first authentication factor may be the user’s standard username and password credentials. The second factor may include a one-time passcode sent to the user’s smartphone, which can only be accessed by using a third factor, such as a matching fingerprint.
As a general rule, the more authentication factors required, the more robust the security. MFA also requires that these authentication factors be independent of one another. If one factor grants access to another factor, the integrity of the structure could be compromised.
Why Should You Use MFA in Your Business?
The average cost of a data breach was $3.86 million in 2020,3 which is a concerning factor for organizations of all sizes. MFA can be a strong component of an organization’s security strategy for many reasons:
- Limits digital credential theft. MFA makes it more difficult for criminals to steal digital credentials and limits the usefulness of the stolen credentials. Even if a hacker gains access to your employees’ usernames and passwords, they’re unlikely to have access to the additional factors required to log in, such as the user’s fingerprint or the smartphone to which a one-time passcode has been sent.
- Strengthens existing systems. Other cybersecurity solutions, such as firewalls and anti-virus protection, are only as strong as the authentication steps that protect them. MFA helps make existing security systems stronger.
- Protects high-value targets. Administrative and executive accounts are high-value targets for hackers seeking to gain broader access to a network – and the sensitive business information contained therein. MFA can be used specifically to protect these accounts.
- Deters cyber exploits. Cyber crime involves more than stealing information. With MFA, you can also deter hackers from destroying data, deploying ransomware, changing programs and transmitting spam or malicious code throughout an organization’s systems.
- Secures email access. Intruders often use email access to carry out cyber schemes against businesses, their clients and customers. MFA can help minimize the risk of criminals gaining remote access to a user’s corporate email account.
How Can Your Business Get Started with MFA?
An organization should be clear about what they want to protect and know that there is flexibility regarding which authentication factors can be used without unduly inconveniencing their users.
An extra layer of security in the form of MFA is crucial, but the options can vary from one solution to the next. To learn how a business can implement MFA and increase their cyber defenses, Travelers offers its CyberRisk policyholders access to a one-hour consultation with a Symantec™ Security Coach, who can provide much-needed expertise and help pave the way for a stronger cybersecurity program.
Travelers can help you build a strong security program with flexible insurance options and policyholder benefits that includes pre-breach services and access to other cybersecurity resources.
Contact your local independent agent to learn more.
More Prepare & Prevent
Cyber security training for employees can help keep your business safe from cyber attacks.
Registering intellectual property (IP) and using written agreements can help protect intellectual property.