Cybersecurity can be daunting.

How many acronyms and buzzwords can there possibly be within one industry? ZTNA, SaaS, SASE, the list goes on. Where do you start when you’re wanting to secure your business? Today, we’re keeping it as simple and practical as possible, because honestly, sometimes a single step can make huge strides for an organization’s cybersecurity.

Today, we’re talking about multi-factor authentication.

Multi-factor authentication is under the umbrella of Identity and Access Management, or IAM, but forget all of that for a second. We said we’re keeping this simple, right? We’re just focusing on how one or two clicks can improve your security posture as you look to start building out a cybersecurity program that can handle the most advanced threats.

Everyone is used to the traditional way of securing your applications online. Submit your correct username and password, and you’re off to the races. Unfortunately, this approach is quickly becoming outdated as more and more sophisticated attackers find ways to break through this minimal defense.

In a presentation at the recent RSA Security Conference, Microsoft’s Director of Identity Security, Alex Weinert, said 1.2 million Microsoft accounts were compromised in January 2020 alone. Of those compromised accounts, 99.9% were not using MFA.

With multi-factor authentication, the goal is to add an extra layer of defense so that even if malicious attackers crack your password, they do not gain immediate access to your applications and information.

So, what does that look like in practice?



It can be as simple as a click or two to add a much-needed extra layer of defense to your organization.

For example, you want access to a cloud application your organization utilizes. Using a multi-factor authentication approach, you would first enter your username and your password. Upon the correct entry of your credentials, a notification would be sent to your personal phone asking if you just logged in. All it takes is a *click* confirming that it was you. Upon this second step, you would then be granted access to your cloud application.

You can see how this can be a deterrent for potential attackers. If they don’t have access to your phone, they don’t have access to your applications.

Now, don’t get us wrong, this isn’t a one and done way to fully protect your organization. Identity and Access Management has many pillars that increase in complexity to further protect your organization to ensure there are even fewer chances that your applications and information will not be breached. As a start, check out our video on the pillars of IAM.

But truly, diving down that rabbit hole is a conversation for another time. The point is that multi-factor authentication is an easy way to get started down the path of a more secure future for your organization.

See? Cybersecurity doesn’t have to be daunting. Sometimes huge strides forward are just a *click* away.

Interested in learning more about implementing multi-factor authentication within your organization? Fill out the form below to get connected with one of our experts.

(And if you’re really itching to learn more about other forms of authentication RIGHT NOW, check out our blog post on “The Rise of Passwordless Authentication”. Overachiever over here!)