In a digital world where cybercrime is increasing daily, a username and password alone is no longer enough to protect sensitive information. Hackers have numerous techniques at their disposal to steal or guess passwords, including phishing, data breaches and brute-force attacks. Fortunately, there is a relatively simple solution that significantly reduces the chances of intrusion: multifactor authentication (MFA). Where two-factor authentication was sufficient until recently, MFA is the new norm.
What is MFA?
Multifactor authentication (MFA) is a security method in which you go through additional authentication steps in addition to your username and password. These additional factors can be based on:
- Something you know: for example, an extra password or PIN.
- Something you have: a smartphone with an authenticator app, a token or an SMS code.
- Something you are: biometric features such as fingerprint or facial recognition.
By adding multiple factors, it is virtually impossible for cybercriminals to gain access to your systems using only a stolen password. This is because they do not have your biometric attributes, such as a fingerprint. But how does that work? Very simply. You log in with your login credentials, then the website in question asks you to verify your login via the authenticator app, for example. This is on your phone. A push notification appears on your phone and then you follow the steps on the screen.
How and when do you apply MFA?
MFA is used when logging into systems, applications or websites where security is essential because they contain sensitive information, for example. Examples include:
- E-mail accounts (Outlook, Gmail, business mail).
- Financial services (internet banking, accounting software).
- Cloud storage and business applications (Microsoft 365, Google Workspace, CRM systems).
- Social media channels (LinkedIn, Facebook, Instagram).
No one wants their personal photos or correspondence to end up on the street. For business owners, apply MFA to all your accounts that provide access to customer data, financial data or business critical information. Personally, I recommend that everyone apply MFA.
What do you need to use MFA?
Technical requirements are limited:
- An authenticator app such as Google Authenticator, Microsoft Authenticator or Authy.
- Possibly a hardware token or security key (e.g., YubiKey).
Most modern software packages and cloud services support MFA by default. Implementation is simple: in the settings of the relevant service, you can usually activate MFA with a few clicks. A small effort that directly ensures that cybercriminals have almost impossible access to your systems. Research even shows that accounts with MFA have up to 99% less chance of unauthorized access compared to password-only accounts.
Why entrepreneurs should use MFA
For you as a business owner, the stakes are high. Think of customer data, contracts, financial information and reputation. A data breach or hack can lead to:
- Financial loss due to fraud or fines (AVG/GDPR).
- Reputational damage that causes customers to lose trust.
- Operational disruptions that cost productivity and revenue.
With MFA, you significantly reduce this risk and show customers that you are serious about protecting their data. In addition, MFA often costs nothing extra.
Costs and benefits of switching
The cost of MFA is relatively low:
- Authenticator apps are free to download.
- Hardware tokens cost on average between €20 and €50 per user.
- Implementation mainly takes time and hardly any training.
The benefits, on the other hand, are high:
- Greatly reduced risk of data breaches and hacks.
- Saving on potential recovery costs after a cyber attack (which often run into the tens of thousands of dollars).
- Higher reliability and trust with customers and partners.
Conclusion
Two-factor authentication is no longer optional, but essential. The switch is easy, affordable and it will give you far more than it costs, so take action. By deploying MFA, you protect your business from one of today’s biggest digital threats, phishing.
Those who engage MFA today significantly reduce the chances of a hack tomorrow.
Do you have questions about MFA or its applicability within your company? Contact New Yard or your current IT partner.