Are you wondering what multi-factor authentication is all about and why this step is highly recommended? The reason is obvious, because the measure also increases the security of your Microsoft Cloud accounts (Office 365, Azure). Two-factor authentication (2FA, also called multi-factor authentication, MFA) has become a common way to further secure accounts. To gain access, you need to name a factor other than the user name and password as the first factor.
If a user wants to log in to his account, at least the user name and password must be entered, then the respective service can be used. Multifactor authentication adds a second factor to the process.
This can come from a variety of sources. For example, it can be a special passphrase, a PIN or TAN (transaction number), but biometric factors such as a fingerprint, the voice or the course of the hand veins are also possible. Security tokens that contain or generate the code can also be used. So if you want to log into your account after activating the second factor, you will need your user name, the associated password and, as a new step, the code that is also provided on the mobile device. There are numerous Authenticator apps for smartphones whose task is to generate a code every 30 seconds.
The entire login process is extended by one step, but this should be acceptable in view of the significant increase in security. Even if the personal password has been spied out by third parties, access is not possible without a mobile device or token.
As a concept, the MFA has proven itself and significantly improved the security of Microsoft cloud accounts. We would be happy to advise you in detail on the possibilities of securing your accounts.
In summary, in addition to the use of additional tools for the automated detection of manipulated Office 365 accounts, 2FA/MFA offer a significant optimization of security in the company.
The greatest risk, however, is and remains the employee. It is the simplest target for an attacker, therefore all technical measures must be supplemented by recurring training and sensitization of the employees for cyber attacks and current threats. Only by working together can the use of technical solutions unfold its full potential. Our coordinated Cyber Defense Awareness Trainings sensitize your colleagues and prepare them well for possible attacks.
Do you have any questions about setting up the MFA, about training or need further information about Microsoft products? Our experts are at your disposal, get in touch right away.