Multi-Factor Authentication: Prevent Unauthorized Access With Stolen Credentials

December 13, 2019 | Posted in:

Data Protection, Compliance, Cybercrime, IT Security

Posted by Mark Benton

Have you noticed consumer and business sites including mobile applications requiring multiple steps to verify who you are? Perhaps you’ve set-up a multi-step verification method to access your bank or Google email account?  This security measure is growing in popularity as most data breaches today begin with a set of compromised credentials. From financial institutions to online stores to social media sites, many businesses are now requiring multiple factors of verification to ensure a user is who they say they are, reducing the chances of a cybercriminal successfully gaining access to their networks.

Use of Consumer MFA by Industry

Cybercrime is big business.

Estimates put the profit from cybercrime at $1.5 trillion in 2018. Cybercrime is so lucrative; it's given these criminals the incentive to keep going. To keep the paydays coming, cybercriminals continually refine and alter their tactics and, as a result, more sophisticated and savvy attacks are on the rise.

MFA can block 99 percent of account compromise attacksAt the same time, mobile has become the preferred starting point for many attackers. According to the RSA 2019 "Current State of Cybercrime" report, there was a 680% increase of fraud via mobile between 2015 and 2018. As mobile continues as a popular channel for cybercrime, your bank, your social media sites, and your favorite shopping sites are implementing more security measures to protect you and the sensitive data they possess.

In business, security in the cloud is a shared responsibility. Cloud applications vendors, such as Microsoft Office 365, are doing what they can to keep the criminals from entering through the back door; leaving you in control of whom you let in the front door

Securing the front door is knowing who and what devices can have access to your data where ever it may be. If your staff is like many end-users, they are likely using weak or the same passwords across personal and work accounts. In this case, there is little the application providers can do to keep your data from unauthorized access. However, your organization can control the front door by taking charge of its users' identities, its data on mobile devices (think email), and control of the devices themselves (lost or stolen). Without this level of control, your business exposes itself to a myriad of unnecessary risks; ones that can be easily avoided.

With today's solutions, cost and convenience should no longer be an issue; and yet many businesses have not implemented certain security measures, such as a multi-step identity system such as Multi-Factor Authentication (MFA), in combination with some form of device management solution as part of their cloud security strategies.

Multi-Factor Authentication_MFA_Systems EngineeringHOW DOES MFA WORK?

Everyone Is A Target

If you don't think you have data a cybercriminal would want, think again. Cybercriminals now look to gain access to their targets by first compromising others at the fringes of the target's social and business circles; and work inward. So, while you may feel you have nothing a cybercriminal wants, your identity is valuable to them as it can be a pathway to their main target and financial reward.  

The narrative is all too common. The cybercriminal attacks an organization to get to the clients who can execute large financial transactions. Once the organization is compromised, the cybercriminal tricks clients into believing the email, asking for a $40,000 transfer, is legit and coming from the organization itself. Unfortunately, in a scenario like this, there are no good outcomes. 

Don't let cybercriminals waltz through your network's front door. 


Secure Your Front Door

At Systems Engineering, we recommend our clients, particularly those in Office 365, employ Multi-Factor Authentication as a critical step to securing access to your data. MFA utilizes multiple verification methods, such as credentials combined with a one-time code delivered via text, to validate the identity of the person trying to gain access to your network. This low-cost, effective security solution is one every business can use to prevent 99.9% of account compromise attacks and reduce their risk. 

Don't let 2020 pass you by without taking the necessary security steps to secure your front door. If you would like to discuss how MFA can better protect your business from the bad guys, contact us at info@systemsengineering.com or 888.624.6737. 

Mark Benton_Director_Product_Management_LinkedInMark Benton is the Director of Product Management at Systems Engineering. He has over 30 years of experience in Information Technology and is responsible for overseeing the onboarding of new products and services for Systems Engineering and its customers.