The Essential Eight - #7 Multifactor authentication is crucial

Passwords alone are not enough to mitigate the risks to your online security. Multifactor authentication of a user’s identity is a crucial layer of added protection. If you are not using it, then you have a weak spot in your security architecture.

Multifactor authentication only grants users access once they present credentials from multiple sources from different categories. This significantly improves the efficiency of allowing users access to your systems.

As you probably know, even organisations such as Google, Apple, Microsoft and social media platforms all require multifactor authentication before you get access. It is a simple process. Multifactor solutions blend something you know with something you are or have. The use of two or three credentials makes sure you have the right to log into an account. It protects user’s account as well.

Multifactor authentication improves your online resilience

At least use multifactor authentication to protect remote access systems and privileged accounts for personnel such as administrators and executives. There are many systems available so it becomes a decision between usability, cost and security when making the decision. One of the simplest, quickest and cost-effective ways is to ask your users to enrol their mobile phone to receive an SMS during log in.

Implementing multifactor authentication into your security architecture will go a long way to helping protect your systems from cyber threats.

Multifactor authentication Essential Eight strategy

Many businesses commonly use multifactor authentication to make it more difficult for outsiders to access important information. The Essential Eight security strategies from the Australian Cyber Security Centre has a strategy for multifactor authentication to protect your business. If you are not already using it, then it is important to implement this strategy as soon as possible.

Under the Essential Eight strategies, there are three levels of maturity. The following is a summary of multifactor authentication:

Maturity Level One. At Maturity Level One, all remote users must use multifactor authentication to access your business network. This means using at least two of the following:
1. Passwords with at least six characters
2. Smartcards
3. Biometrics
4. SMS messages
5. Emails
6. Software certificates
7. Voice calls
8. Password tokens.
Maturity Level Two. Maturity Level Two builds on Level One with the added requirement that all privileged users and anyone in a position of trust must use multifactor authentication.
Maturity Level Three. Level Three builds on the previous two levels by adding multifactor authentication for all users accessing important data.

The Rightsize technical team takes the time to understand the risks to your business and works with you to design an effective solution to defend against probable events.

Contact us now for a free consultation to find out more about Essential Eight and its implementation to protect your business. Rightsize Technology is your IT department as a service. Our solutions protect you online.

About Rightsize

Enabling your business to grow efficiently and effectively – we’re the Rightsize for you.

Small businesses struggle to budget their IT operations and often spend inefficiently with less than a great return on their investment. Rightsize Technology understand. We deliver a minimum 30% reduction on IT overheads as a dedicated outside IT department for our clients. Our unlimited 24×7 support, both on and offsite increases business productivity and capacity, enabling their business to grow efficiently and effectively – we’re the Rightsize for growing small businesses. Talk to our team today for more information.