ICYMI: Multi-Factor Authentication

To kick off National Cybersecurity Awareness Month, iCorps hosted a cybersecurity panel with industry experts from Microsoft, Sophos, Datto, and Mimecast. The panelists covered everything from social engineering to the importance of multi-factor authentication, before opening the discussion to attendees and hosting one-on-one breakout sessions. In part two of this three-part blog series, we recap the second question posed to panelists: Would you speak to the importance of multi-factor authentication? 

Multi-factor authentication (MFA) is a security system that asks users to input additional forms of authentication after a password when signing into email, networks, etc. The experts from iCorps, the event host and Managed Service Provider; Datto, a data backup and disaster recovery solution; Sophos, a firewall and security expert; and Microsoft's cybersecurity division discuss the importance of MFA and how to implement it correctly. 

Chris Stephenson, moderator, iCorps Technologies: Would you speak to the importance of multi-factor authentication?

Prefer to listen to the answers? Access the video coverage.

Laura MacDonald, panelist, Microsoft: If you try to use multi-factor authentication for everything that employees are using, they're going to get tired. They're going to go around you. It's just not going to work. So, there is a concept called "conditional access" which analyzes the user, the device they're on, the location. If the user is in the office, on a device they always use, and their identity does not appear to be compromised, then MFA is not required. If they're on their grandmother's computer in China then they will absolutely need to use MFA. The one difference would be privileged identities. With privileged identities you need to reduce the number of administrators, and ensure they are using MFA. 

Jeffrey Lauria, panelist, iCorps Technologies: A very bad practice I see a lot is when people's in-house account is a privileged account. Because it's a lot easier not having to maintain two accounts. Let's say there's a ransomware attack. We know that ransomware is generally limited to whatever it can get its hands on. Well, if you're an administrator with a privileged account, it got its hands on everything. That is something we see time and time again. People use privileged accounts when they shouldn't. 

 

Attendee question: How do the recent chip vulnerabilities, Meltdown and Spectre, affect this? Because in that case it's not the user.

Prefer to listen to the answers? Access the video coverage.

Alan Toews, panelist, Sophos: This becomes a maturity process for the chip vendors. To be building and accounting for the needs of, and finding new ways to optimize performance that don't use these techniques. 

Lauria: There are always going to be vulnerabilities. There are always going to be flaws. Obviously patch systems when you can, but all these systems and vulnerabilities need an avenue in which to be executed. And as long as you're aware of what that avenue is, you can craft your defense. Security is not a set it and forget it industry. It is a day in, day out job. Stay aware of what is emerging. This doesn't have to be complicated - it can be a daily RSS feed in your inbox that looks at what's happening outside the United States. In Europe, in India, etc. 

 

Want more from our Cybersecurity Summit? Check out icorps.com/summit to sign up for iCorps' event updates and check out the other blogs in this series:

Part 1 - ICYMI: Top Threats to Data Security Today
Part 3 - ICYMI: Cloud Comfort


New Call-to-action

Related content:
iCorps Technologies Wins Microsoft US Partner Award for Security and Compliance
2018's Biggest Data Breaches So Far
Quick Tips to Protect Your Business From Cyber Attacks