MFA for the Win!

The most gratifying part of what I do is to hear about the positive impact we have had on our clients. In one case, we enhanced email security by implementing Multi-Factor Authentication (MFA) for a client that was initially hesitant to move forward with the recommended security change.

What Is MFA?

MFA is any combination of three factors – “something you know”, such as your username and password, “something you have”, like an app on your phone, or “something you are”, like your fingerprint. By using multiple factors, it adds a control to help protect your environment and secure access to your data. For this client, we used a combination of their username and password along with an application on a mobile device for confirmation.

A Real-Life Example

Hear one Client’s Journey from Saying, “It’ll Never Happen to Me” to Saying, “Thank You for Making Sure it Didn’t Happen to Me!”

Implementing MFA isn’t typically a large investment, but often will yield objections such as “Do I really need this?” and “It’ll never happen to me!”. We went over the benefits of MFA, explained the current security climate, and talked about recent incidents and issues before finally getting a reluctant agreement to make access more secure.

Fast-forward a few weeks, and I received a call from this client, “You really saved my bacon!” He thanked me for the nudge to tighten the security requirements at his company.

Apparently, at some point, he had fallen for a phishing e-mail that looked like it was from Microsoft saying his mailbox was running out of room, with a link to log in to confirm his account and expand his mailbox. These fraudulent attempts often look so real, it’s not uncommon to accidentally respond to such a call-to-action. He followed the instructions, logged in, and got a message that he was all set.

At about 3:00 AM, his phone alerted him that someone was trying to log into his account. He denied access, protecting his account. Upon notification, we changed his password and checked to ensure his account was not compromised. His contacts, company, and client data were safe.

Think it’ll Never Happen to You? Let's Talk

Amid hundreds of emails, phone calls, and everything else demanding our attention, it is easy to get distracted and give away our credentials letting hackers gain access to critical, private, and valuable information. The key is to control what’s in our control. To discuss MFA’s role as part of your security plan, please reach out to me and the team at Sourcepass to have a conversation!

Mike Appollo is a Sourcepass Senior Solution Advisor. Reach out to Mike at (877) 678-8080