While we can't guarantee MFA can stop Robocop, it can help prevent many types of attacks on your data.

According to Google, a single additional step, like adding a recovery phone number to your secure personal accounts, can stop up to 100% of automated bots and 99% of bulk phishing attacks.

Protecting your business from automated attacks isn’t just important, it’s also incredibly simple. So how does this apparently super easy prevention system work?

Setting up Microsoft Authenticator

(If you are a visual learner like us, here is a quick 2-minute video)

1. Sign in to your Microsoft account and head over to My Account Portal.
2. Select Security Info in the left pane, then select Add Method
3. Select the Authenticator App then select Add
4. Download and/or open the Authenticator App and select Next
5. In the Authenticator App, select Add Account from the Customize and Control icon in the upper-right
6. Return to the Set up your account page on your computer and select Next, prompting a QR code to appear
7. Scan the QR code from the Authenticator App on your phone and approve the notification you receive within the app

Now you can go back to browsing Facebook for the next 3 1/2 hours knowing your account is that much more secure!

Setting up Google Authenticator

(Couldn't find any videos made by Google on this 😞)

1. First, open your email account
2. On the top right of the screen click your avatar and open your Google Account
3. Click Sign In & Security
4. Scroll to find 2-step verification. Enter your password and click Next. Scroll to find the Authenticator App and click Set Up
5. Select your type of device (Android/iOS) and click Next.
6. A QR code will be displayed.
7. Download and/or open the Google Authenticator app onto the phone you want to use and tap to Scan Barcode
8. Point your phone’s camera at the code and receive a six-digit code
9. Click Next on your computer and enter the six-digit code
10. Click Verify and receive a Success Message

Now Google Authenticator is your default 2FA system!

While it may seem like we’re stuck on repeat, multifactor authentication is honestly just that important.

Sure it’s another step or two on the road to accessing your platforms and data, but those steps are quick and easy and can save your company huge amounts of money, time, and negative press.

Just ask Notorious C.A.T.: He's been using MFA for years!

Not only does MFA work against threats from automated bots, but according to CIO, it does a pretty dang good job at defeating ransomware attacks as well.

Key Takeaways:

1. Backups should be viewed as the last line of defense against ransomware. Therefore, a username and password alone are not enough to access secure backups.
2. Time-based One-Time Password (TOTP) is much-loved algorithm with MFA based upon RFC-6238 from the Internet Engineering Task Force (IETF) often adopted with enhanced security features like extremely fast (30-90 seconds) passcode expiration.

If updating data protection systems is still sitting on your back burner, you may want to peruse this Forbes article updating us all on the federal government’s newest stance on digital security – and a little more…

Key Takeaways:

1. The Cybersecurity and Infrastructure Security Agency (CISA) put single-factor authentication methods (like individual passwords or PINs) in their extremely risky cybersecurity practices.
2. Check out all the bad practices that made the list here.

Yahoo published an article recently, looking into how universities and colleges are protecting themselves against cyber attacks. (Spoiler alert, it's MFA)

Key Takeaways:

1. Microsoft found that over 60% of monthly malware attempts in Microsoft 365 are focused on the education sector, 6x higher than the next closest industry.
2. Schools are mitigating risks by utilizing biometrics as their choice of MFA.

At this point, we’ve gone on ad nauseum about the differences between single, double, and multifactor authentication. And, also in a previous blog, we’ve covered what makes multifactor so much more secure than even just two-factor authentication.  

You may still be wondering if you really need to go the extra step. Maybe your business has never suffered an attack, or you think there’s no use to your customer data in the hands of a hacker.

The reality is much different, and to ensure there are as few reasons as possible why businesses could think to refuse MFA, there are tons of ways the industry is making MFA more convenient for your business. 

Should My Business Use MFA? 

If you’re reading this, you’re more than likely collecting troves of customer data at your business. But whether or not you’re utilizing simple or complex internal strategies with that data is irrelevant.

If you’re collecting data from your customers you MUST protect it, and no solution is more formative than multifactor authentication.

Additionally, Windows and Google each offer their own suites of multifactor options, and they’ve concluded equipping MFA to your accounts is no longer optional.  

But is MFA Affordable?

Not only are there tons and tons of free MFA options built into the systems you’re probably already using, but some insurance providers also offer price breaks for having MFA protection systems enabled on your accounts because of how unbelievably effective MFA is in the event of a breach. 

To read more on the topic, check out our most recent blog.

If you made it this far, we're guessing you're either really interested in learning about even MORE critical opportunities to your business security or maybe you're the author re-reading this email for the 25th time and just happened to get to the bottom.

Regardless of which is true, we’d love it if you shared this email with a coworker or a friend whom you think could use a little more data protection in their life.