MFA Spotlight

30 May 2022

You have probably been hearing about multifactor authentication (MFA or 2FA), whether from your IT administrator or your new cyber insurance policies. MFA is the process of using multiple means for logging into a system. Your password is one; a code, received via text or from an app, is another. Your phone uses your face as a secondary authentication method. We’ve broken down where you’ll want to make sure you have MFA implemented for your business.

MFA for email: MFA for email is almost certainly in your insurance policy. If you experience an incident where your email is breached, your insurer will ask you to confirm that MFA was enforced at the time of the breach before paying out any claims. If you are using Microsoft 365 or any other cloud-based email system and you have some or all accounts without MFA, do something about that now.

MFA for VPN: If you don’t know what a VPN is, then this probably doesn’t apply to you. This one may be in your policy. MFA for VPN is commonly provided through Microsoft Azure or through Cisco Duo. Some firewall manufacturers provide it directly, but most don’t. Read your policy to see if this is a requirement. If you already use Microsoft 365, upgrading to Business Premium licensing will give you Azure controls, including MFA for VPN. Otherwise, Cisco Duo is best.

MFA for Privileged Accounts: This refers to IT administrator accounts. This is not common in policies, but yours may require this. Microsoft Azure does not provide MFA for privileged accounts yet. Cisco Duo would work best for this.

Let us know if you’re interested in Cisco Duo or upgrading to Microsoft 365!