Multi-Factor Authentication

31st July 2019

Implementing multi-factor authentication (MFA) is a business-critical imperative. 

The below advice is from our recommended cyber insurer, CFC Underwriting.

Why is this important?

The CFC Incident Response Team notes that the vast majority of claims for business email compromise (BEC) and the associated crimes that result from such a compromise (wire transfer fraud, data theft and further phishing attacks) could potentially be prevented by implementing multi-factor authentication (MFA) on email accounts and other accounts.

Due to the proliferation of modern attack methods used by cybercriminals, not using multi-factor authentication is akin to closing the door of your home but not locking it. To improve your security posture, and to bring it up-to-date to face current threats, the use of multi-factor authentication (MFA) is highly recommended.

So what is MFA?

It’s an authentication process that requires more than just a password to protect an email account or digital identity and is used to ensure that a person is who they say they are by requiring a minimum of two pieces of unique data that corroborates their identity (multi-factor authentication). This unique data comes in three forms – something you know (i.e. your password), something that you have (i.e. a one-time passcode generated by an app or hardware token), or something you are (i.e. fingerprint, retinal pattern, voice signature or facial recognition).

In the event of a password compromise, perhaps as a result of a phishing attack, it is very unlikely that the threat actor will also have the other piece of the authentication data. Therefore, the chances are that your email account or digital identity will not be compromised. It will increase your overall cybersecurity posture and will decrease the chances of reputational harm and negative business impact.

 

There are many free MPA apps and more comprehensive corporate solutions. Below are some additional resources:

Resources on how to set up MFA for Microsoft Office 365 can be found here

Resources on how to set up MFA for Google can be found here

Authentication apps such as:

Google Authenticator

LastPass Authenticator

Authy

Microsoft Authenticator

Yubico Authenticator 

are available for free for a large number of digital services.

CFC urges all policyholders to take this critical security step as soon as possible.

TH March has access to a number of specialised insurers who can provide you with access to expert advice, guidance and security strategies. Arranging BASIC or ADVANCED cyber insurance cover through TH March can go a considerable way to mitigate the risks and threats to your business. Our qualified team will provide a tailored solution specific to your business type and budget.

Don’t wait until it’s too late, get your cyber insurance quote today. Click here for more info and to obtain a FREE quote.

 

 

Read our other posts

Notable Cyber Security Fines and Prosecutions

Notable Cyber Security Fines and Prosecutions

The amount of UK organisations that have fallen victim to cyber attacks has steadily grown over the past several years, and unfortunately we’ve seen this spike due to COVID-19. Cyber attacks do not discriminate—businesses of all sizes and industries have been targeted. It is dangerous to believe that cyber attacks can only happen to other […]

COVID-19: Return-to-work considerations for offices

COVID-19: Return-to-work considerations for offices

The coronavirus (COVID-19) pandemic has interrupted many businesses and offices across the country. While it’s unclear how long COVID-19 will continue to affect organisations, many employers are looking to the future of employees returning to work. Echoing the sentiments of public health officials, a return to normalcy won’t be like flipping a switch, but rather […]

Wearing Facial Masks or Coverings in the Workplace During COVID-19

Wearing Facial Masks or Coverings in the Workplace During COVID-19

During the COVID-19 pandemic, some employers are currently open as essential businesses—for organisations that are not open, many plan to welcome back employees as soon as government guidelines allow it. Health experts suggest that face coverings should be worn in public, including places of employment. There are many questions about the differences between masks and […]

Post-coronavirus Offices

Post-coronavirus Offices

The coronavirus disease (COVID-19) pandemic has changed many aspects of the current workplace and employers should begin planning for what their post-coronavirus office will look like. Previously, social distancing and COVID-19-related best practices hadn’t been a topic on the mind of most employers or employees. By updating office layouts, encouraging new behaviours and expanding remote […]

Best Practices for Laying Up Commercial Vehicles

Best Practices for Laying Up Commercial Vehicles

In the midst of the COVID-19 pandemic, organisations across the UK have halted key business operations in order to follow government guidelines—including stopping all non-essential travel. As a result, many organisations that utilise commercial vehicles for a variety of purposes (e.g. performing deliveries, picking up goods or transporting workers between job sites) have begun ‘laying […]