Multi-Factor Authentication: Worth The Cost?

by

September 7, 2021

Is Multi-Factor Authentication worth the cost? Yes, yes, yes times infinity. Okay, I think we made our opinion obvious.

While there is no such thing as a silver bullet for 100% cybersecurity protection (even Multi-Factor Authentication, aka MFA, isn’t perfect), we can’t think of one reason not to implement it right away.

MFA puts an extra step into the user login experience. Once a user ID and password are entered, the user is prompted to request and enter a special code delivered via text or voice to complete the transaction.

It’s effective because a threat actor would have significant difficulty intervening in this process.

If you already have Microsoft 365 (M365) Business Standard, MFA is included and only runs about $1,200.00 to $1,400.00 for the project to set it up.

One of our clients (before they engaged with us), got hit with a man-in-the-middle attack and transferred $170,000.00 to a felon’s bank account.

For additional inspiration, I will be sharing several examples of what can go wrong and how MFA can be paired with related solutions to keep your IT systems and users protected.

The following four scenarios only scratch the surface. However, if I can stimulate one new idea (and better practice), you’re one step closer to improving the security of your digital assets.

 

1 – Multi-Factor Authentication Strengthens Defenses Against Open-Source Intelligence Exposure

Cyber crooks don’t need to breach heavily fortified IT systems to gather personal data. Instead, they take bits and pieces we openly share on social media sites like Nextdoor, LinkedIn, Facebook, Evites, and personal blogs.

Phone numbers, email addresses, and dates of birth can be easily collected and harnessed to launch multi-faceted phishing campaigns.

Professional criminals know how to figure out your passwords simply by studying your interests (exotic cats, patriotism, and gardening) to launch brute force attacks on thousands of accounts simultaneously.

 

2 – Multi-Factor Authentication Reduces Shadow IT Risk

Even the best trained MSP clients can be caught off-guard. The opportunities are endless when so many of us access unsecured Wifi networks and use personal Yahoo Mail and Gmail accounts for business.

HP has a fantastic commercial with Christian Slater that shows how easy it is for a device to get infected. Spoiler alert: don’t share corporate laptops, workstations, or tablets with your gaming fanatic kids.

Learn More: HP Wolf Security

When one network gets infiltrated, millions of other networks are suddenly within reach.

 

3 – Multi-Factor Authentication is Another Layer of Protection When Backups Fail

Having a comprehensive backup plan is one of the strongest weapons you can employ to avoid downtime, reputational harm, severe data loss, bankruptcy, the prospect of being manipulated into paying a gigantic ransom, and more.

According to Antony Adshead, Storage Editor of Computer Weekly, “The number of respondents that reported inadequate backup or failure to meet service level agreements (SLAs) rose to 40% in 2021 from a pre-pandemic 31% in 2019. Digging down into that, backup failure rates are quite staggering, with 37% of all jobs failing and 34% of restores failing.”

Learn More: Backup Failures Hit A High

 

4 – Multi-Factor Authentication Lowers Email Infiltration Risk

As the cybersecurity awareness training experts at KnowBe4 report, “Your email filters have an average failure rate of 7% to 10%.”

This figure is not an exaggeration. I’m employed by an Inc. 5000 ranked MSP with a powerful combination of Cisco Security, M365, Duo, Proofpoint, and Sentinel One and I routinely receive “socially engineered” emails I wouldn’t dare click on or respond to.

Learn More: What Is Social Engineering?

 

Activating Multi-Factor Authentication Today

I mention four things that can go wrong to emphasize how MFA can play a role in making more things go right.

It isn’t statistically probable that everything you have in place will fail or be strained at the same time but it’s important to employ a portfolio of measures so the odds are in your favor.

Is it worth spending a one-time fee of less than $1,500.00 to avoid losing 100 times that amount?

The MFA available within M365 is only one of many solutions. Curious about what else is out there? We help our clients find the right one for their unique requirements.

Learn More: The Top 11 Multi-Factor Authentication Solutions

Jed is a Solution Advisor at Integris who has specialized in MSP solution development, sales, and marketing communications since 2003.

Keep reading

Top 10 IT Best Practices To Adopt Right Now

Top 10 IT Best Practices To Adopt Right Now

Welcome to the Top 10 IT Best Practices To Adopt Right Now. This simple, non-technical “listicle” (slightly updated since December of 2021) covers some of the most valuable technology tips we can assemble into a five-minute read. Some of the recommendations are a...