Multi factor authentication (MFA) is a security measure or system that requires more than one method of authentication from independent categories of credentials. This enables websites or platforms to verify the user’s identity for a login or other transaction.
Typical MFA options include:
- Swiping a personal card and typing a PIN.
- Logging into a website and being requested to enter an additional one-time password (OTP) that the website's authentication server sends to the requester's phone or email address.
- Downloading a VPN client with a valid digital certificate to then log into the VPN before being granted access to a network.
- Swiping a card, scanning the fingerprint and answering a security question.
- Attaching a USB hardware token to a desktop that generates a one-time passcode and using the one-time passcode to log into a VPN client.
Challenges faced and benefits of MFA
It can protect from identity theft which is an easy, low-risk and high-reward type of crime. A threat to all businesses, the fastest-growing and more profitable type of crime.
Weak or stolen user credentials are hackers' weapon of choice, used in 95% of all Web application attacks. Statistics report that from 2013 to 2014, the number of successful breaches increased by 27.5%.
Popular headlines tend to belong to the household-name companies, but they are not the only companies being targeted. Of all targeted attacks, 31% are aimed at small businesses with fewer than 250 employees. Security is increasingly important in such hard time.
Anti-virus systems and advanced firewalls are necessary security elements, as are vulnerability tests. However, without user multi factor authentication the front door is wide open to intruders. This is particularly relevant as password theft is constantly evolving as hackers employ methods like 'keylogging', 'phishing', and 'pharming'.
Unfortunately, cyber criminals do more than merely steal data. They can destroy data, change programs or services, or use servers to transmit propaganda, spam, or malicious code. This can cause enormous disruptions in business activities.
Employees are already accustomed to authenticating themselves in their personal lives, with providers of online services like home banking, gaming, social media, and email have all adopted mobile-based tools to effectively authenticate their users when accessing their systems.
Office 365 and MFA
Office 365 uses multi-factor authentication to help provide the extra security and is managed from the Microsoft 365 admin centre. Office 365 offers the following subset of Azure multi-factor authentication capabilities as a part of the subscription:
-The ability to enable and enforce multi-factor authentication for end users
-The use of a mobile app (online and one-time password [OTP]) as a second authentication factor
-The use of a phone call as a second authentication factor
-The use of a Short Message Service (SMS) message as a second authentication factor
-Application passwords for non-browser clients (for example, the Microsoft Lync 2013 communications software)
-Default Microsoft greetings during authentication phone calls
To enable MFA for Office 2013 client apps, you must have the following software installed (the version listed below, or a later version) based on whether you have a Click-to-run based installations or an MSI-based installations.
To determine whether your Office installation is Click-to-run or MSI-base:
- Start Outlook 2013.
- On the File menu, choose Office Account.
- For Outlook 2013 Click-to-Run installations, an Update Options item is displayed. For MSI-based installations, the Update Options item is not displayed.