#007: Let’s Talk about Multi-Factor Authentication (again!)

In this episode of The Power Up Project, we cover:

〉Recap on Multi-factor Authentication(MFA) topic.

〉Reasons why you need to enable MFA.

 

 

Transcript:

In this episode of the Power Up Project, we are going to talk about multi-factor authentication again. 

Hey, welcome back to the Power Up Project. I’m your host for this episode, Ben Love. Today we’re going to retouch on multi-factor authentication. Now, we have touched on this before across many channels. We’ve spoken about this in blog posts, in podcasts, in YouTube and Facebook videos. We’re gonna touch on it again, because this is a really … this is low hanging fruit, folks. This is a really powerful way of improving the security of your systems and it’s easy to do.

So what I want to do, first we’re gonna recap. What is multi-factor authentication? Multi-factor authentication can otherwise be known as MFA, two factor authentication, 2FA, so on, you get the idea, is an additional layer of security on your user accounts that you use to access things such as e-mail or your accounting system and so on. Normally you would use your username and your password to log on to these systems. When you have MFA enabled, there is a third step.

Now, usually that third step will be a randomly changing numeric code that you get from a little key fob or an app on your smartphone and you enter that code in and then it allows you to log on to the system. What I want to talk you through today, three reasons why you need to enable multi-factor authentication. First of all, it is free. Pretty much every modern application, especially the cloud based ones, which obviously we’re all moving towards in a big way, have MFA functionality built in. All you need to do is turn it on. Simple as that.

If you are using older legacy systems, MFA functionality may not be built in, so you may need some sort of a third party product on top of that to give you MFA functionality. If that has to happen, there will be cost involved because of the third party application. But we are seeing less and less of those legacy systems around these days. Most of your systems, you will probably find, have some MFA support in them. Ask the question. Go to Google. Search for the name of your application and then MFA. See what you can find.

Point number two. It is super easy to use. It really is. Most MFA on cloud apps, for example, is provided via an app on your phone. Google Authenticator and Microsoft Authenticator are the two main ones that most of the platforms seem to choose between. It is very easy. You go to log on your application exactly the same way you normally would. You may enter your username and password the same way you normally would. But then there will just be this extra step. All you need to do is open the app on your phone, it will give you a code, normally about six numbers. You type that in as part of the login process and you’re done. That’s it.

With a lot of the Microsoft stuff it’s even easier. When you go to log on to your application, the app on your phone will simply pop up a message saying, “This login is in process, would you like to approve it to proceed,” and you just tap the button on your phone saying, “Yes, approve this authentication attempt.” Very, very easy to use.

Point number three is that it is massively effective at increasing the security of your user accounts. Now, security needs to come in many layers. We need firewalls, we need anti-virus, we need best practise configurations, we need all of these things. There is no silver bullet. There never will be. But MFA is an extremely effective way of protecting those user accounts, because those user accounts are the keys to the front door of all of that important information and all of that authority and power that happens within your organisations.

MFA is a very, very important piece of the whole security picture. Please, have a look at MFA if you haven’t already. We will keep harping on about this.

To recap, it’s free in most cases. Number two, it is super easy to use. Number three, it’s massively effective at increasing the security on your user accounts.

Thanks for listening to this episode of the Power Up Project, brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts and until next time, keep Powering Up.

 

Let's continue the conversation! Leave a comment below.