Back to Basics – Why MFA? (pt.3)

In this third part of my MFA mini-series, I am going to look at some of the resistance that we get when trying to implement multi-factor authentication.

MFA – It is like medicine that tastes bad

In the first part of this series, I briefly explained the highlights of why MFA is a key part of any cyber security setup. It puts your own personal one-time password (OTP) between you and the hackers, giving you that extra security if your credentials have been compromised. So you would think everyone would be flocking to set it up…

Well, no. MFA is like bad-tasting medicine: you know it is going to do you good, but you do not like it. Or better still, MFA is the wholemeal bread when you are asked if you want your bacon* sandwich on white or wholemeal bread – you are going to order the white bread, but you know the wholemeal is better for you.

People just do not seem to like MFA and this is confirmed by our support team. When they are on the ground implementing MFA there are always complaints and excuses why users do not want to use it.

This is a problem I have had to solve.

Make MFA Work

Some ideas to make MFA an easier fit

Here are my three top things to make MFA work for you.

Get the buy-in of your team

Explain how this will benefit the organisation but illustrate it by showing how MFA secures their Amazon account. This is usually done pre-rollout.

Explain the App

Most of our clients rely on the authenticator app installed on the user’s personal phone, so accept either Google’s or Microsoft’s authenticator app. Relating your cyber security to their cyber security will help convince them to install an app for you on their phone.

Training

Demonstrate and write down the “how to”. Make sure that MFA help is always available. Remember you need this essential security step to work all the time.

One more thing about MFA…

No matter what happens, never turn off MFA for systems such as your Microsoft 365, even for just one person, no matter what the excuse is.

Next

I am taking a break from writing for Cyber Awake until the New Year. I have written over seventy articles here, as well as the Wednesday Bit I write for Smart Thinking and articles for Octagon Technology. I think a break from writing these posts will allow me to come back in 2024 ready to better help you understand the cyber security threat landscape and what you need to do about the threats and risks.

Have a Happy Christmas and New Year.

Clive


Clive Catton MSc (Cyber Security) – by-line and other articles

* Insert vegan, veggie or other meat filling of your choice here.

Further Reading

Back to Basics – MFA (pt 1)

What’s Wrong with MFA (pt 2)

Move away from text- or voice-based multi-factor authentication

The Wednesday Bit | Smart Thinking Solutions

A Geek Present for Christmas 2023 | Octagon Technology

Photo by Andrea Piacquadio