Could MFA’s Challenges Potentially Be Fixed?
User authentication is a critical security feature for a business, specifically because it helps to minimize a significant threat to your business. This is why we’re so adamant that you should require multi-factor authentication wherever it is available… but is a better way to authenticate your users on the horizon?
Let’s start by reviewing some of the drawbacks that multi-factor authentication—while exceptionally helpful—does unfortunately suffer from.
It’s Simple… Multi-Factor Authentication Can be Frustrating
For all the benefits it offers to your security, there can be no denying that MFA can be a pain, especially if there are too many steps required for your team to effectively and efficiently access their accounts, creating some friction and (as we said) frustration. Plus, the most common form of MFA (a code generated by a smartphone application) is dependent on their having the phone ready and available.
For instance, what happens when an employee is halfway to the office and they realize that their phone—and resultantly, their MFA key—is still at their house? Or maybe one of your remote workers discovers that their phone isn’t on its charging station where they left it, only to discover that their child has deposited it into the toilet…what happens then?
This is just one of the potential challenges that MFA can pose. So while the security benefits are clear, there is no denying that this security feature can also create stress.
Enter Adaptive Authentication
While still only being used by a limited (but growing) number of organizations, adaptive authentication takes other factors into account to determine whether or not an MFA prompt is called for.
Here’s how it works: let’s say that you go to work at the same time every weekday and perform more or less the same processes and tasks. Each person has their own typing patterns and ways to move the mouse, including you. These details can all be used to build a sort of profile of behaviors that your systems start to associate with each user. If something unusual happens—like a login attempt from an unfamiliar device at an odd time—an MFA prompt will be required. The idea is to strike a balance between security and convenience in such a way that neither your protections or your productivity is unduly impacted.
Various industries have started adopting this new approach, and while it may be some time before the average small or medium-sized business can easily do so, it’s something interesting to keep your eye out for.
In the meantime, Seamróg Technology Solutions can assist you with the other aspects of your business’ IT to help boost your security and productivity. Learn more by giving us a call at (717) 827-7400.