Implementing MFA, where do I start?
We are pleased to introduce Jelte Wolf to you. Jelte is an enthusiastic and very enterprising Cloud Engineer at Universal IT. His expertise and passion are focused on translating business processes into smart IT solutions that create immediate value.
Jelte: “Since the start of the corona pandemic, the adoption of technologies has accelerated within companies. This has ensured that work in our lives can be performed more easily and efficiently. However, this also has its downside: the more we depend on technology, the greater the risks concerning cybercrime become.”
To prevent cybercrime, more and more companies require their employees to use Multi-Factor Authentication, also known as MFA. We speak of MFA if at least two of the three authentication types are requested when accessing (logging in to) company resources. The three authentication types are: 1. Something you know (a password), 2. Something you have (an authenticator app or an SMS with a code on your phone) and 3. Something you are (a fingerprint scanner or facial recognition on your phone, like Apple Face ID or Microsoft’s Windows Hello).
With MFA, a password alone is no longer enough to log in. By following these eight steps, you make your organization safer against cybercrime:
- Centralize all users (e.g. in Azure Active Directory);
- Map out the status of the MFA implementation for users within your organization;
- Map out which applications cannot (yet) handle MFA;
- See what is needed to ensure that these applications can handle MFA;
- Phase-out or update applications so that they can use MFA;
- Convince and educate employees of the value of MFA;
- Set a policy that requires MFA within the organization for all users (including administrators and any temporary test users and environments);
- Completely disable all legacy authentication methods such as POP and IMAP.
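The inventory steps in the list above (MFA status per user, and which accounts still sign in over legacy protocols) can be worked from exported directory data. The Python below is an added example, not code from the original article or from Universal IT; the sample records, their field names and the legacy client labels other than POP and IMAP are assumptions.

```python
from collections import defaultdict

# Client app labels treated as legacy (no MFA support). POP and IMAP are the
# article's examples; the other two labels are assumptions.
LEGACY_CLIENTS = {"POP3", "IMAP4", "Authenticated SMTP", "Exchange ActiveSync"}

# Constructed sample data; field names are assumed for a directory export.
USERS = [
    {"userPrincipalName": "admin@example.com", "isAdmin": True, "isMfaRegistered": False},
    {"userPrincipalName": "anna@example.com", "isAdmin": False, "isMfaRegistered": True},
    {"userPrincipalName": "bob@example.com", "isAdmin": False, "isMfaRegistered": False},
    {"userPrincipalName": "test01@example.com", "isAdmin": False, "isMfaRegistered": False},
]
SIGN_INS = [
    {"userPrincipalName": "anna@example.com", "clientAppUsed": "Browser"},
    {"userPrincipalName": "anna@example.com", "clientAppUsed": "IMAP4"},
    {"userPrincipalName": "bob@example.com", "clientAppUsed": "POP3"},
    {"userPrincipalName": "bob@example.com", "clientAppUsed": "POP3"},
    {"userPrincipalName": "scanner@example.com", "clientAppUsed": "Authenticated SMTP"},
]

def mfa_rollout_report(users, sign_ins):
    """Summarise MFA coverage and legacy-protocol use before enforcing policy."""
    known = {u["userPrincipalName"] for u in users}
    # Step 2: accounts with no MFA method registered, administrators first.
    missing = sorted(
        (u for u in users if not u["isMfaRegistered"]),
        key=lambda u: (not u["isAdmin"], u["userPrincipalName"]),
    )
    # Steps 3 and 8: count legacy-protocol sign-ins per account and client.
    legacy = defaultdict(lambda: defaultdict(int))
    for s in sign_ins:
        if s["clientAppUsed"] in LEGACY_CLIENTS:
            legacy[s["userPrincipalName"]][s["clientAppUsed"]] += 1
    registered = sum(u["isMfaRegistered"] for u in users)
    return {
        "coverage_pct": round(100 * registered / len(users), 1) if users else 0.0,
        "missing_mfa": [u["userPrincipalName"] for u in missing],
        "legacy_use": {upn: dict(apps) for upn, apps in sorted(legacy.items())},
        # Step 1: legacy sign-ins by accounts absent from the central user list.
        "unknown_accounts": sorted(set(legacy) - known),
    }

if __name__ == "__main__":
    for key, value in mfa_rollout_report(USERS, SIGN_INS).items():
        print(f"{key}: {value}")
```

Accounts listed under `legacy_use` are the ones that stop working when legacy authentication is disabled, so they are the applications to update or phase out first.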
“In my current job as a Cloud Engineer I perform Security as a Service Quick Scans for Microsoft 365 and Azure environments. In this Quick Scan I inventory the current security state of seven components.
We use these seven components as the starting point for our advice to improve your company security.
- Current secure score
- RBAC (Role-Based Access Control)
- MFA status within the organization
- Legacy authentication
- Device enrollment
- Email & Document security
- (Azure) Active Directory
We discuss the advice from the Quick Scan together. We agree on which advice I or my colleagues can contribute to. In addition, we evaluate the Secure Score from the Quick Scan and the status of the advice every quarter.”