Have you heard of Multi-Factor Authentication or MFA?
While it might not mean much to some of us, it’s about to become one of the buzzwords in the Cyber Insurance industry. Here’s why.
What is Multi-Factor Authentication?
Multi-Factor Authentication requires system users to go through two layers of identification to gain control of a system. Think about the systems you access regularly. Your ATM for example, the first layer of identification is your debit card, the second is your PIN. Or when you enter your credit card details online, each piece of information you provide is a separate layer of authentication, including your card number, expiry date and security code. Many providers also ask you to verify the purchase using an app – another layer of authentication.
Something you know, something you have, something you are
Multi-Factor Authentication is sometimes referred to as:
Something you know: A username or password
Something you have: Verification text on a mobile, key fob
Something you are: Biometric authentication, including fingerprint or retina scans
Multi-factor authentication is successfully enabled when at least two of these categories are required to successfully verify someone’s identity before gaining access to a system.
Why is it important?
Multi-Factor Authentication is important as it helps to make sure that a business’s IT systems remain secure, along with their customer and staff data. MFA effectively makes accessing your company more difficult for cybercriminals. The harder your systems are to access, the less of a target you will be. It also helps to target natural human error – are your employees using the same passwords for everything? Weaker passwords will be strengthened by Multi-Factor Authentication and relieve your IT department.
What it means for your Cyber Insurance
Multi-Factor Authentication isn’t currently a requirement for all insurers who provide Cyber Insurance policies, but it is heading in that direction. Cyber Insurance claims are being made thick and fast and many of these start with compromised passwords or IDs. It’s your responsibility as a business to ensure that you have sufficient levels of cyber security in place to prevent such an attack from happening and Multi-Factor Authentication is simple and low cost way to improve your cyber security.
For more information, please visit National Cyber Security Centre here.
Ransomware is designed to block users or organisations from accessing their own files or systems. The attackers will encrypt company files and then demand a ransom payment from the victim in exchange