Loading

Preloader Loading Cancel.

What is MFA and do I need it? - Blue Sprout

What is MFA and do I need it?

30/08/2021 admin Comments Off

Data has become more and more vulnerable, particularly as we have migrated to cloud and remote technology solutions. Working from home has become a common activity for so many organisations.

Traditionally we have used a “user name” and one form of authentication (ie a password).  This is also known as Single Factor Authentication.

As the risk and cost associated with data breaches increases, we have seen the introduction of adding an additional item of authentication such as an SMS code or a code from an Application like Google Authenticator.  This is known as two factor authentication (or 2FA).

So what is Multi Factor Authentication (MFA)?

Multi Factor Authentication(MFA) users 2 or more types of authentication to be able access a device or an application.  So in a pure sense 2FA is a form of MFA.  Multi Factor Authentication could also use a question such as “name of first pet” or a bio item such as fingerprint or facial recognition.

To clarify here are some examples:

Single Factor AuthenticationBank Customer ID plus
Password
Multi Factor Authentication (2FA)Email Address plus
Password plus
Phone Authentication
Multi Factor Authentication  Email Address plus
Password plus
Phone Authentication plus
Mother’s Maiden Name

Do I Need it?

In a theoretical sense this is a “Risk Management” question. Is it likely my data will be attacked and how bad is it if it is attacked?

In a practical sense, the answer is “if at all possible, Yes”.  If you are storing client and or personal data, then “categorically yes”.

Does a data breach really cost that much?

Data breaches can end up with data being encrypted until a ransom is paid or you have restored all the data from a back up (which may take days or even weeks).  They may also lead to client data being sold.

There is insurance for this sort of loss called “Cyber Insurance”.  You should seek proper advice around this from your insurer or insurance broker.  A short discussion with a specialist will highlight how much a data breach can cost.  These costs can be hundreds of thousands or even millions of dollars.

How do I turn it on?

Turing on MFA is different for everyone.  Have a chat with your application provide or technical support expert for assistance.  Some applications where MFA can easily be activated include:

  • Gmail
  • Microsoft 365
  • Online Banking
  • Accounting systems (eg Xero and MYOB)
  • Facebook Messenger
  • LinkedIn
  • WhatsApp

You  may find this link from the Australian Government helpful  https://www.cyber.gov.au/acsc/small-and-medium-businesses/step-by-step-guides