Welcome to the First Column IT Tech Blog

HomeBlog
If You Want to Insure Your Business, You’re Going to Need MFA

If You Want to Insure Your Business, You’re Going to Need MFA

May 24, 2024

Certain businesses have taken a much closer interest in cybersecurity… those businesses being business insurance providers. Many will now only provide coverage if your business maintains certain cybersecurity standards. One key tool they want to see is multi-factor authentication, or MFA.

Let’s talk about what you need to be ready, and how COMPANYNAME can help.

What is MFA?

Multi-factor authentication/MFA is a cybersecurity approach that adds more distrust to historically trust-based systems. 

Most, if not all, of us are familiar with the username and password combination that has been used since networking was first introduced. Knowing the secret knock wasn’t enough; you also had to know the secret word to get in.

However, this system has always been somewhat easy to break. Someone could simply hide close enough to the door to hear the knock and the proper password, and today, cybercriminals have numerous means of capturing credentials. Phishing, keylogging, network snooping, and more have all been—and still are—used to steal access to resources.

MFA is used to fix that by adding another requirement far harder for someone to replicate or steal.

How Does Multi-Factor Authentication Work?

Multi-factor authentication is a relatively simple concept: it requires someone to provide extra proof that they are who they say they are. 

Returning to our examples, someone presents an identity—who they are—as the username or secret knock. This tells the system that someone is requesting access. This identity must then be authenticated. Historically, this was the password, the factor used to prove that, yes, this identity was verified as having access.

Whether it was whispered to a guard or put into a password field, the idea was that this was enough authentication to provide access. However, with multi-factor authentication, more proof is required. 

Before the door would be opened, someone also needed to be wearing a certain ring. Similarly, more proof is needed to authenticate an identity.

What Can Be Used as Authentication in Modern MFA Systems?

Today, this additional proof of identity, the multiple factors in multi-factor authentication, can take one of three forms:

  1. Something you know, like a password or passcode
  2. Something you have, like access to an account or application
  3. Something you are, like biometric data

Today’s technology gives us numerous options, some more secure than others, but the real focus should be that any MFA is better than no MFA… especially if it’s what prevents you from insuring your business.

Emailed Codes

This option may work well for your business, provided that you don’t mind having to check your email before you can log into your secured resource. Some platforms may only have this option, too. The idea is simple: when an attempt is made by a user to access the protected resource, an email is sent to that user’s email address that must then be provided. 

SMS Codes

Similarly, some platforms will only offer this option despite its considerable downsides. We’ll get to those later. This idea is also pretty simple: a user requests access and a text message is sent to their phone with a code they must then provide.

Again, having MFA is better than not having MFA. However, we do have to acknowledge some downsides. 

For instance, what happens if you are using SMS-based MFA and the phone tied to the account is lost or the user upgrades their device? What if someone decides to change their phone number? It may not happen very often, but it does. What if someone loses access to their email account?

Any of these situations can make MFA more challenging.

Authentication Applications

Various dedicated applications exist that are meant to assist with MFA specifically, such as Google Authenticator, Microsoft Authenticator, Duo, and others. By using a secure authentication app, all of your MFA codes can be generated from one secure place and accessed relatively easily by your team members as they need them.

If going the application route, you should always check that you can move your application between devices (which not all will allow) and that you can back up, as you can with the three we’ve mentioned: Google, Microsoft, and Duo.

We’re Here to Help You Keep Your Business Secure Enough to Be Insured!

Business insurance is not something to neglect, and frankly, if it helps make businesses inherently more secure, we’re all for it. 

So, whether you want to learn more about putting MFA in place or have any other IT or cybersecurity questions, we’re ready to talk. We work with businesses around Northern Virginia to ensure they can use technology as the tool it has always been intended to be. Give us a call at (571) 470-5594 to learn more.

Previous Post
June 24, 2024
Explaining Google’s Back-end Operations
Billions of people who find themselves on the Internet depend on the use of Google Search to find what they are looking for. What actually happens when you click on the “search,” though? Today, we want to discuss how the search engine works so you can get a better idea of what goes on behind the scenes.
June 22, 2024
What You Can Do About Today’s Most Pressing Cybersecurity Threats
As cyberthreats become more advanced, businesses must take proactive steps to address them. Cyberattacks can have devastating effects, making it crucial to enhance employees’ awareness of online threats. This month, we examine the top three IT security challenges businesses face and how to combat them effectively.
June 21, 2024
Technology Has a Significant Role in Company Culture
Your business’ IT is not just a minor component; it’s deeply woven into the fabric of your business. Today, we’ll briefly explore how technology and culture converge inside today’s businesses.

Have a project in mind?

Start with our free consultation for VA, DC and MD companies. We will provide a detailed proposal and firm quote based on your specific IT support needs. All at a predictable monthly cost per seat.
Free Consultation - Sign Up Here