MFA is the use of a secondary login after you enter your username and password. When you set up the MFA you will either use a app like LastPass, Microsoft Authenticator, Authy, and so many more. These apps work with you creating an account where you link you bank, email, or any account you want to protect from hacks, your spouse, your kids, or maybe just an unknown person who stole your account information for Facebook from logging in without the code displayed on the app.
When using an MFA, the software that secures the account requires you to type in the code they sent to you by Text Message or by the code displayed in the app. This helps you keep everything secure and prevents the system from allowing in none authorized users. The best part about this is if you are a business, it means when you are attacked you have some simple protection against losing your access to your emails.
Let’s talk about what it means to not use MFA when an attack happens on your account that is linked to your bank account. The old way of logging in to your bank if you are older than 25. Is that you typed in your username and password and boom bam you’re in and on your way to the races. The problem with this is you never really knew if someone else was in your account as well until all your money was gone. Online bank came with a huge risk that no one really knew about and that was unauthorized users logging into accounts that they were sold, found or even attacked to gain access. The saving grace for many was the phone call from the bank saying did you authorize this transaction. Fast forward to early 2010s when everyone has a cellphone that can work on the internet and MFA started to take off as a way to secure their accounts. This was due to all the hacks and data breaches that were happening around that time. Now days most banks require you to either require you to have a text sent, a call, or enter the number displayed in your MFA account.
Microsoft even has their own authenticator that will register you accounts and prompt you on your phone to accept or decline the log in of your accounts which is a huge thing for companies running on a Microsoft based environment. Not only will this protect your employees by your customers data will also be protected by not allowing outside personnel access to your data through an account not protected.
MFA is not a "catch all" however, it is just one step to the protection you deserve as a consumer and business. Reach out to GingerSec today and talk to them about an audit of your security setup and see how we can help you build a safe environment for you, your clients, and you’re the future.
