With data breaches on the rise, a strong password isn’t always enough to protect an online account. Where the protection of a password ends, multi-factor authentication takes over, providing additional checks to improve your security. And what’s more, it’s simple and effective – and easy to set up in Microsoft 365.
What is Multi-Factor Authentication?
For as long as the internet has been around, the conventional wisdom has been that a good strong password is all you need to keep data safe. And up to a point, that has been true. There’s ongoing debate about what constitutes a strong password, but up until recent years, a strong password has conferred all the necessary protection. There are different ways to authenticate, with different benefits for each.
Unfortunately, that’s no longer true. Increasingly, cyber criminals are able to use a plethora of tricks and hacks to gain access to passwords and use them to gain access to private and commercial data. For a company that’s attacked in this way, the results can be disastrous. Once a cyber criminal has even a single password, they can potentially use it to discover other passwords and all manner of sensitive information.
Now that even strong passwords are not enough to confer protection, it’s become necessary to develop new methods of providing it. Enter multi-factor authentication, which adds extra checks to an online account to improve its level of protection. By requiring additional input from the user, it’s harder for a would-be hacker to provide enough of the necessary information to mimic the legitimate account owner.
There are three main categories of authentication factors:
- Knowledge: A username, password, PIN, or the answer to a question.
- Possession: A specific smartphone or passcode. For instance, when someone attempts to login to an account, a passcode is sent to their phone via text. To log in, they must input the passcode as well as their password or PIN.
- Biometric: A biological factor. Most commonly this is a fingerprint. Some other options include a retina or iris scan, or a voice print.
Why Multi-Factor Authentication is Useful
The obvious advantage of multi-factor authentication is the simple fact that it vastly increases account security. It’s generally simple to implement, and when used correctly it’s highly effective.
Another advantage of multi-factor authentication is that this more sophisticated identification system can be setup so that it recognises the user’s location. If an employee tries to access the system in a new location, the system can then request additional information to ensure it remains secure.
Simplified Login Process
An additional benefit is that it simplifies the login process. While it may seem to be more complicated to have to input more than one authentication factor, it actually tends to make it easier. Essentially, multi-factor authentication can do away with the need to devise long, complex passwords to keep an account secure. A passcode combined with a PIN and/or fingerprint scan can eliminate the need for a long, unwieldly password, and even though the process adds extra steps, each step is itself very simple to perform.
Setting Up Multi-Factor Authentication on Microsoft 365
With a Microsoft 365 Business-level subscription, you get a few version of Azure multi-factor authentication, so it definitely makes sense to use it! Note that in order to set this up on Microsoft 365, you need to be a global admin, so make sure you have this authority before you start. Find out more about setting up MFA on your Microsoft account in our article her.
Enable Multi-factor Authentication
Before you can start setup, make sure your Microsoft 365 subscription has multi-factor authentication enabled:
1) Toggle Try the new admin centre at the top of the Home page.
2) Choose Select > Services & add-ins > Modern authentication.
3) Check Enable modern authentication in the Modern authentication panel.
Setup Multi-factor Authentication
1) In the admin centre, choose Setup.
2) Choose Setup > Turn on multi-factor authentication > View.
3) Choose Setup > Turn on multi-factor authentication > Get started.
4) Select and check the Require multi-factor authentication and Require users to register for multi-factor authentication boxes.
5) Choose Do you want to exclude anyone from these policies and apply any exclusions.
6) Choose Create policy. This will take you back to Turn on multi-factor authentication. If it’s set up correctly this page will now say Completed.
At this point, you’re finished. Once this is set up, all users—except any you exclude—will have to set up two-step verification on any devices they access the system with. They’ll be required to do this on their next system login. The system will walk them through the necessary steps, after which they’ll login with the same two-step process each time.
The Threat Isn’t Going Away—So It’s Best to Be Prepared
Cyber security is an increasingly high priority for companies of all sizes, especially after the rash of high-profile data breaches in recent years. The simple addition of multi-factor authentication is an effective way of helping to ensure the safety of sensitive information and data.
Talk to ACUTEC today about implementing multi-factor authentication in your organisation.