There are over 300 million fraudulent sign-in attempts every day on Microsoft's cloud services alone. Combined with the fact that over two-thirds of Australian organisations have suffered a ransomware attack in the past months, 10 points over the global average according to SecurityBrief, this means that passwords are no longer enough to secure identities.
The security landscape has changed dramatically, particularly with the pandemic completely reshaping the way we live and work. With remote working, and the increase in mobile and cloud applications, securing access to applications and tools for consumers and workers has become a critical consideration for IT teams.
Regardless of how complex passwords are, they are now at risk of being compromised by complicated password spray attacks. Attackers use a dictionary of passwords and special cracking tools with powerful equipment to try different character combinations for a password, at around a thousand attempts per hour. According to reports, brute force password attacks allow criminals to crack every possible standard eight-character password containing upper and lower case letters, digits and symbols in less than 6 hours.
The problem is compounded by the fact that more than half of all employees are now downloading and using apps that aren't necessarily approved by their employers, according to Igloo's 2020 State of the Digital Workplace report. Add to this the fact that 73% of consumers re-use passwords, and you have a recipe for disaster.
Compromised passwords allow unauthorised people to gain access to the sensitive information and intellectual property of your business or your customers. This issue is known to be affecting a large number of businesses, resulting in losses in the millions of dollars as well as damage to their reputation in the market.
Using MFA to mitigate this risk
Organisations, businesses and people need another form of verification to prove their identity and mitigate brute force password attacks.
Enter Multi-Factor Authentication (MFA), in which a computer user is granted access only after successfully presenting two or more pieces of evidence (or factors) to prove who they are.
This evidence is provided to an authentication mechanism as factors of the following types:
- Knowledge – i.e. something that the user and only the user knows, for example a password or PIN;
- Possession – i.e. something the user and only the user has, for example a USB stick with a secret token, or a virtual token or key via mobile; and
- Inherence – i.e. something the user and only the user is, for example a fingerprint or retina.
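To make the factor model concrete, the following added example (not from the original article and not Microsoft's implementation) grants access only when a knowledge factor (a salted PBKDF2 password hash) and a possession factor (an RFC 6238 time-based one-time code, as generated by a mobile authenticator app) both verify. The record layout, function names and the choice of TOTP and PBKDF2 are assumptions made for illustration.

```python
import hashlib, hmac, os, struct, time

STEP = 30  # seconds per TOTP time step (RFC 6238 default)

def totp(secret: bytes, at: float, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 for the time step containing `at`."""
    mac = hmac.new(secret, struct.pack(">Q", int(at) // STEP), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # RFC 4226 dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    # Slow, salted hash so a stolen record resists offline guessing.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def check_knowledge(user: dict, password: str) -> bool:
    return hmac.compare_digest(hash_password(password, user["salt"]), user["pw_hash"])

def check_possession(user: dict, code: str, now: float, window: int = 1) -> bool:
    # Tolerate +/- `window` steps of clock drift, newest step first, and never
    # accept a step at or before the last one used, so a code cannot be replayed.
    for drift in range(window, -window - 1, -1):
        at = now + drift * STEP
        step = int(at) // STEP
        expected = totp(user["totp_secret"], at)
        if step > user["last_step"] and hmac.compare_digest(expected.encode(), code.encode()):
            user["last_step"] = step
            return True
    return False

def authenticate(user: dict, password: str, code: str, now=None) -> bool:
    now = time.time() if now is None else now
    # Check both factors before answering, so the result does not reveal which failed.
    knows = check_knowledge(user, password)
    has = check_possession(user, code, now)
    return knows and has

def demo_user() -> dict:
    # Constructed sample record; a real service loads this from its user store.
    salt = os.urandom(16)
    return {"salt": salt, "pw_hash": hash_password("correct horse battery", salt),
            "totp_secret": os.urandom(20), "last_step": -1}
```

A guessed or re-used password on its own fails `authenticate`, which is the property that blunts the password attacks described earlier.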
Microsoft offers a solution for Multi-Factor Authentication (MFA) via Azure Active Directory (AD). This helps protect the identity of the user and provides conditional access features by enabling premium features of Azure AD.
Benefits of MFA
There are a number of benefits to using MFA as a way to identify your users.
The strength of an authentication system is largely determined by the number of factors or layers incorporated into the system. While each authentication method has strengths and weaknesses, systems that use two or more different factors are typically considered stronger than those that use only one factor. Enable MFA (or 2FA) and ensure your accounts are up to 99.9% less likely to be compromised.
Almost every organisation has some level of local, state, and/or federal compliance to which they must adhere. Many of these regulations specify that organisations must utilise MFA under certain circumstances, like when accessing particular types of data or connecting from certain locations. There is pressure for organisations to maintain compliance in order to mitigate audit findings and avoid potential fines and other penalties.
Greater Flexibility and Productivity
Being able to remove the burden of passwords by replacing them with alternatives has the potential to increase productivity and bring a better usability experience due to the increased flexibility of factor types. In the right environment and situation, there could even be an opportunity for a potential reduction in operational costs.