One Microsoft 365 Security Feature all companies should consider - MFA

Author:  Steve Vickerage

MFA is short for Multi Factor Authentication.  What is this? -  you might ask.

Multi Factor Authentication is a process requiring two or more verification methods for accessing a secure system.  With Microsoft 365, when logging in (authenticating) Azure AD Multi Factor Authentication (MFA) works by requiring two or more of the following authentication methods:

  • Something you know, typically a password
  • Something you have, such as a trusted device that is not easily duplicated, like a phone or hardware key
  • Something you are, biometrics like a finger print or face scan (MFA - Microsoft Docs)

If you only use a password to authenticate a user, it leaves an insecure vector for attack.  Passwords may be weak or exposed elsewhere, and it becomes unknown - is the user signing in or a hacker using an appropriate user name and password.  When you require a second form of authentication, security is increased as the additional factor isn't something that's easy for an attacker to obtain or duplicate.

 

Graphic showing login devices and options for secure logins

 

By setting up MFA, you add an extra layer of security to your Microsoft 365 account sign-in.  For example, you first specify your password and you also provide a dynamically generated verification code provided by an authenticator app or sent to your phone. (MFA - Microsoft Docs)

A few years ago, it was best practices to change your password every few months, but this habit causes users to write down passwords, which can present obvious risks.  In today's world, MFA is used for many services.  I have it set up on my Amazon account for example.  In the last year, Microsoft and Sophos have required us, as their partners, to use MFA when we access our Partner Admin Portals, and we get it!  Some may see this as a hassle, but this one Microsoft 365 feature alone helps to "ensure your accounts are 99% less likely to be compromised" (MFA - Microsoft Security).  This one feature can save your business from very costly and disruptive security concerns.

But it gets even better, (wait for it) this feature is FREE with Microsoft 365 subscriptions / tenants! (mic drop!)  All you need to do is activate this feature and let your users know of the new, state of the art, security feature your company has implemented.

Give us a call if you would like to learn more about deploying MFA for your company.

 

Published February 2021

go to top