According to the Australian Cyber Security Centre, over the 2020–21 financial year, the there was an increase in reporting of cyber attacks to reporting of a cyber attack every 8 minutes compared to one every 10 minutes last financial year.
These incidents are increasingly on the rise and with many Australians using only 5 or less different passwords, it’s only a matter of time that you’ll know someone who is hacked, or worse, it will happen to you!
It's time to consider MFA
It’s time to consider using multi-factor authentication (MFA), also known as strong authentication or two-factor authentication(2FA). You may see this technology surfacing more and more with accounts you create. Many financial and healthcare organisations require a password and one of the following to log in to an account: call, text or email. Sounds familiar? This is multi-factor authentication. And while it takes a few extra steps and a bit more time, your personal accounts which house your personal data are more secure.
According to NIST, multi-factor authentication is defined as a security process that requires more than one method of authentication from independent sources to verify a user’s identity. You use MFA almost every day if you’re swiping your debit card and entering your pin number immediately after. There are three categories your credentials fall into for MFA, something you have (like a smart card), something you know (like a password or pin), and something that is (like your face or fingerprint). The point of MFA is that your credentials must come from two different categories for it to be considered secure. For example, entering two different passwords would not be considered multi-factor.
MFA will not prevent all attacks
Multi-factor authentication does not completely prevent being hacked. It is still possible; however, the odds are very low. One of the easiest way MFA is hacked is through texting or a phone call. Hackers will trick consumers into transferring someone else’s phone number to their own phone. It’s call SIM swapping. The hacker will contact the consumer pretending to be their victims, requesting a new SIM with the victim’s number. This then gives them access to any authentication code sent to that number.
Another way MFA could be hacked is through social engineering. A hacker could contact a target posing as their bank before asking to confirm the victim’s identity by quoting the security code that was just sent to them.
In the last few years, MFA has taken a leap in prevention by verifying identities using voice recognition, facial recognition and even fingerprints. Overtime, our smart devices will get more sophisticated, and we will see MFA with iris scanning, which is considered to be the most secure forms of identity authentication.
So when should I use MFA?
One of the biggest question consumers face is ‘when should I use multi-factor authentication?’. Taking simple actions to prevent the likelihood of becoming a victim should be top of mind. You should use MFA whenever possible. The more sensitive your data is, like healthcare records or banking information, the more motivated you should be to set up MFA. If the option is available to enable MFA, you should take the initiative to do so to protect identity and your data from cyber criminals.
CommuniCloud and DUO MFA
CommuniCloud deploys DUO for workforce zero trust both internally and for our customers. Duo's multi-factor authentication (MFA) and device trust is a great start for enterprises to secure the workforce on their zero-trust journey. Learn more about securing workloads and the workplace. Contact CommuniCloud to find out how you can protect your people and business.
24/7 our Security Operations Center monitors and protects!