Blog

Could MFA’s Challenges Potentially Be Fixed?

Could MFA’s Challenges Potentially Be Fixed?

User authentication is a critical security feature for a business, specifically because it helps to minimize a significant threat to your business. This is why we’re so adamant that you should require multi-factor authentication wherever it is available… but is a better way to authenticate your users on the horizon?

Let’s start by reviewing some of the drawbacks that multi-factor authentication—while exceptionally helpful—does unfortunately suffer from.

It’s Simple… Multi-Factor Authentication Can be Frustrating

For all the benefits it offers to your security, there can be no denying that MFA can be a pain, especially if there are too many steps required for your team to effectively and efficiently access their accounts, creating some friction and (as we said) frustration. Plus, the most common form of MFA (a code generated by a smartphone application) is dependent on their having the phone ready and available.

For instance, what happens when an employee is halfway to the office and they realize that their phone—and resultantly, their MFA key—is still at their house? Or maybe one of your remote workers discovers that their phone isn’t on its charging station where they left it, only to discover that their child has deposited it into the toilet…what happens then?

This is just one of the potential challenges that MFA can pose. So while the security benefits are clear, there is no denying that this security feature can also create stress.

Enter Adaptive Authentication

While still only being used by a limited (but growing) number of organizations, adaptive authentication takes other factors into account to determine whether or not an MFA prompt is called for.

Here’s how it works: let’s say that you go to work at the same time every weekday and perform more or less the same processes and tasks. Each person has their own typing patterns and ways to move the mouse, including you. These details can all be used to build a sort of profile of behaviors that your systems start to associate with each user. If something unusual happens—like a login attempt from an unfamiliar device at an odd time—an MFA prompt will be required. The idea is to strike a balance between security and convenience in such a way that neither your protections or your productivity is unduly impacted.

Various industries have started adopting this new approach, and while it may be some time before the average small or medium-sized business can easily do so, it’s something interesting to keep your eye out for.

In the meantime, White Mountain IT Services can assist you with the other aspects of your business’ IT to help boost your security and productivity. Learn more by giving us a call at 603-889-0800.

Related Posts

For a long time, businesses that didn’t have any cybersecurity problems would never consider investing in additional cybersecurity tools. The decision-makers of these companies simply didn’t find it necessary; and many of them had a point (until they...
Simple passwords are often the bane of a business’ existence. If you routinely use strings like Password, 123456, Guest,  or Qwerty to secure an account, then you need to reexamine your password practices before they lead to a data breach. A goo...
While many small businesses shrug off cybersecurity needs as too expensive an investment for an organization of their size, this is a potentially catastrophic mistake. The fact of the matter is that small businesses are regularly targeted by cyberatt...
One of the big advantages that Mac computers have had over the traditional PC is that they “don’t get viruses,” but how true is this claim, really? Research conducted by Elastic Security Labs proves that this is certainly not the case, discrediting t...
We get it—nobody likes to think about the prospect of being impacted by a cybersecurity incident, but it’s like any other unpleasant event in that it is best to prepare for it. In fact, today’s businesses can invest in a cyber insurance policy to hel...
With so many threats out in the world, it’s no surprise that some of them target undiscovered vulnerabilities. These types of threats use what are called zero-day exploits to make attempts at your sensitive data and technology infrastructure. What is...
Let me ask you a question: how much did you pay Google for your Business Profile? Unfortunately, if the answer was anything other than “nothing,” you’ve been scammed. Google has actually announced that they are taking legal action against scammers wh...
If you become the victim of a hacking attack today, how would the hackers go about it? Would they try to find vulnerabilities in your network and infrastructure? You need to do what you can to answer the questions surrounding the strength of your exi...
Who are you? While it’s a question that’s been asked in all contexts with all levels of metaphysicality attached—from asking someone their name to prompting someone to follow a path of spiritual self-discovery—the growth of the metaverse once again u...
Passwordless authentication has been increasingly spoken of in favor of the typical password-based method, and is gaining traction the more it is talked about. Google recently took steps toward passwordless that we felt warranted some discussion....
With countless threats out there waiting for IT professionals to slip up, it’s no small wonder that many of these professionals are opting into what is called a zero-trust policy for their security standards. So, what exactly is a zero-trust policy, ...
We aren’t going to try and pretend that the investments necessary to preserve your business’ data security are small ones. Especially at first glance, you may very well start to question if such an investment is truly necessary. The simple fact of th...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our offices in NH.  We will manage a local vendor for locations outside of our service area to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 60 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem NH and Portsmouth NH area.

White Mountain IT Services

 


33 Main St, Suite 302
Nashua, NH 03064

 


121 Riverfront Drive
Manchester, NH 03102

 

Client Help Desk      603-889-2210

New Client Inquiries   603-889-0800

Open Positions