With a third of the population currently working remotely and great uncertainty regarding when this situation is going to change, organizations must shift their business operations to support long-term remote working.
According to a recent Gartner survey, the biggest barrier to effective remote work is poor technology and/or infrastructure for remote work.
As organizations work to update their technology and infrastructure to support the ever-growing remote workforce, it’s imperative that security isn’t left on the backburner. With the separation between an individual’s work and private life being blurred between working from home and sheltering in place, it’s essential for organizations to implement its first line of security defense. To help mitigate potential risks, CISOs and IT managers should deploy multi-factor authentication (MFA) to ensure their remote workforce is secure.
Why deploy multi-factor authentication?
Today, 63% of data breaches are linked to weak or reused passwords, which are partly the result of an ineffective strategy used by many organizations: the requirement for employees to frequently change passwords and use special characters.
At the same time, organizations and employees expect less interruption than ever before and immediate access to assets that are needed to complete the job.
The reality is that security is a delicate balancing act. Organizations need to figure out how to establish strong checkpoints that mitigate potential threats while also enabling employee productivity. With most traditional security solutions fall short of this goal, multi-factor authentication provides a frictionless approach. All it requires is a second ID factor that will validate the user’s identity.
With privileged identity abuse being a common cause in most breaches, multi-factor authentication provides the extra layer of protection against potential exposure points. As hackers look to target less tech-savvy users that are new to working at home, multi-factor authentication stops hackers in their tracks. In order to gain access to individuals’ network, cybercriminals must produce the device a user uses to generate their MFA code, which is quite difficult (if not impossible) for most hackers.
In a time where most employees are working on unsecured home and public networks, having multi-factor authentication as an extra safeguard will not only take some burden off the IT team but will also help make employees that aren’t trained in security less susceptible to cybercriminals.
Four questions to consider before adopting a MFA solution
The reason why multi-factor authentication adoption has been slow is that it’s often costly and complex to integrate, so it’s imperative that organizations weigh all options to ensure they align with their employee and business needs. Prior to purchasing, organizations must consider the following factors:
1. How user-friendly is the solution?
With users being the biggest barrier to a solution’s success, it’s imperative that you consider how your employees work throughout the entire process. The key to employees’ openness to the solution is to consider how tokens – the channel in which users identify themselves – are requested and assigned.
By selecting a token that aligns with how employees log in to their email or other daily tasks organizations can ensure a quick and smooth deployment.
2. How will the solution impact administrators?
With administrators being essential to granting access and running daily operations, it’s important to consider how a solution will impact an administrator’s daily role. The two most important elements to consider are ease of use and the availability of the solution.
When looking for a solution many organizations should consider solutions that offer administration through Active Directory User and Computer (ADUC). With ADUC administrators aren’t required to learn a new console which means they won’t have to lead the deployment of new software. It’s also important that the solution offers simplified and quick support to help administrators troubleshoot and resolve any user-related authentication issue that may occur.
3. How does the solution scale and fit in with your current systems?
Once you determine how the solution will impact your employees, it’s time to look at how the solution will align with your current identity software. With an entirely remote workforce, organizations need to know if the solution will be integrated into an existing identity database or if it will be housed in a new database that users will need to be provisioned to.
Since cost and complexity of integration is often an element that holds organizations back from not only a successful integration but users actually using the solution, organizations must look at how it fits in with their other identity solutions. By working with a tool that’s flexible and integrates along with other tools IT teams can be reassured that users are implementing the new security measure into their daily tasks.
4. What is the best token option for your organization?
Not all tokens look or function the same, so you need to consider which types of tokens align best with your business operations. To ensure it’s the correct type of token it’s important to understand the token type and if it’s a hardware or software token. For a software token you should determine if it’s compatible with all operating systems and if it’s SMS, email or web-based.
If you prefer to have a hardware token you’ll want to determine if it’s OATH compliant. As an open standard for authentication OATH ensures interoperability between authentication vendors using standards. Selecting an OATH-compliant solution offers more choices of token devices as well as interoperability with different systems.
With so many employees working remotely, without basic security training organizations are even more vulnerable to cybercriminals. At the end of the day, with most of the workforce working remotely, to deploy multi-factor authentication is no longer a consideration but an essential security protocol.