MFA Best Practices for People and Business to Interact Securely Online

05/20/21
According to a Gartner report, end-user spending on public cloud services topped $257.5 billion in 2020. This figure is forecast to grow by another 18.4% in 2021, totaling $304.9 billion. However, as we move further into an inevitably cloud-based future, our exposure grows as well. Implementing MFA best practices is one way to limit the threat to people and businesses when working online.

User credentials have always been a soft target for cybercriminals to exploit. They can be obtained through a variety of methods, using either malware or social engineering. Once obtained, they also allow threat actors to operate freely within an organization’s systems, without raising any red flags.

There are a number of reasons why implementing secure sign-on practices is becoming increasingly important:

  • Remote/hybrid working environments are becoming increasingly common
  • The internet and other networked infrastructure are increasingly becoming an essential part of business operations
  • As cloud adoption grows, the number and variety of platforms we use are growing

Cybercriminals are all too aware of these trends and are ready to abuse them in order to launch attacks against individuals and organizations.


Alex Weiner of Microsoft has said that MFA can make accounts using their OS 99.9% more secure.

However, MFA is not foolproof by itself: a high-profile MFA bypass incident involving Microsoft 365 and an FBI security advisory both underline the fact. Security experts can’t rest on their laurels and must maintain MFA best practices to maximize the effect of this technique.

Make MFA Ubiquitous

Your network is only as secure as its most vulnerable endpoints, users, or accounts. Securing only certain portals, technologies, or platforms with MFA while leaving others uncovered does little to reduce your overall exposure. Hackers often exploit a single entry point to spread laterally within a network and find additional opportunities to escalate privileges and access more data. All assets should be covered with MFA, including cloud and on-premise applications and resources, servers, endpoints, and privileged commands.

Implement True MULTI-factor Authentication

2FA (two-factor authentication) is the most common application of MFA. On top of a password, it usually involves an OTP or ACT token sent via SMS or to an email account. However, this is a least-effort implementation of MFA that is not watertight either, having been easily bypassed in the past.

There are more advanced MFA technologies to leverage, such as physical tokens or biometrics. No longer a thing of the future, biometric fingerprint/facial scanning is even built into most leading smartphones and tablets today. Using a variety of MFA techniques or going beyond 2 layers of authentication where appropriate can drastically increase its effectiveness.

Don’t Rely Solely on MFA

Building on our first best practice, even the best MFA security nets can be bypassed thanks to human error or an exceptionally skilled/determined hacker. In this case, you want other failsafes in place to limit the potential for an infiltrator to spread their influence or escalate privileges.

Firstly, you should always enforce proper account and privilege management built on principles of least privilege. Regularly review your policies regarding who has administrator privileges and enforce even stronger authentication measures on these accounts.

Making phishing awareness training a part of your overall security operations is also crucial, so that stakeholders do not fall victim to credential-stealing attempts in the first place. So is using encrypted communications and other techniques to harden your network against man-in-the-middle-type attacks.
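As an added illustration (not LIFARS code), the script below turns three of the practices above into one check over an account inventory: every asset covered by MFA, SMS/email-only second factors flagged, and administrator accounts held to a stronger factor. The factor names, their weak/strong grouping and the sample inventory are assumptions constructed for this example.

```python
from dataclasses import dataclass, field

# Factor names and their grouping are assumptions made for this example.
WEAK_FACTORS = {"sms_otp", "email_otp"}            # codes sent by SMS or email
STRONG_FACTORS = {"hardware_token", "biometric"}   # physical tokens, biometrics


@dataclass
class Account:
    user: str
    asset: str                 # cloud app, on-premise server, endpoint, ...
    is_admin: bool = False
    factors: set = field(default_factory=set)  # enrolled on top of the password


def audit(accounts):
    """Return sorted (asset, user, finding) tuples for accounts needing attention."""
    findings = []
    for acct in accounts:
        known = acct.factors & (WEAK_FACTORS | STRONG_FACTORS)
        if acct.factors - known:
            # Unrecognised factor names are reported, never silently trusted.
            findings.append((acct.asset, acct.user, "unrecognised-factor"))
        if not known:
            findings.append((acct.asset, acct.user, "no-mfa"))
        elif not (known & STRONG_FACTORS):
            label = "admin-weak-factor-only" if acct.is_admin else "weak-factor-only"
            findings.append((acct.asset, acct.user, label))
    return sorted(findings)


def assets_with_gaps(accounts):
    """Assets where at least one account has no recognised second factor."""
    return sorted({asset for asset, _, f in audit(accounts) if f == "no-mfa"})


# Constructed sample inventory; users and assets are invented.
INVENTORY = [
    Account("alice", "cloud-crm", factors={"hardware_token"}),
    Account("bob", "cloud-crm", factors={"sms_otp"}),
    Account("carol", "onprem-fileserver"),
    Account("dave", "vpn-gateway", is_admin=True, factors={"email_otp"}),
    Account("erin", "vpn-gateway", is_admin=True, factors={"sms_otp", "biometric"}),
    Account("frank", "build-server", factors={"push_notif"}),
]

if __name__ == "__main__":
    for asset, user, finding in audit(INVENTORY):
        print(f"{asset:18} {user:6} {finding}")
    print("assets with an unprotected account:", assets_with_gaps(INVENTORY))
```

Run against a real export from an identity provider, the `no-mfa` and `admin-weak-factor-only` rows are the ones to remediate first.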

Combine MFA and SSO (Single Sign-On)

Counterintuitively, single sign-on has been found to improve security and compliance, particularly in complex, interconnected cloud-based infrastructure. While you might be rightly concerned that SSO will automatically give an attacker ubiquitous access after successfully stealing credentials, the benefits outweigh the risks:

  • The frustration of having to repeatedly log in to separate platforms/accounts fosters a habit of cutting corners
  • Users often use insecure methods to manage multiple passwords or credential combinations
  • Every time a user needs to re-enter their credentials, it’s another opportunity for those credentials to be stolen
  • SSO makes account management and provisioning easier, minimizing the possibility of human error
