Day after day, adversaries connect to their victims' services and applications using means such as:
How can SMBs protect their critical data and personal information (Bill 64 compliance) against theft, malicious access, destruction, encryption and more broadly against downtime?
Today we're going to focus on multi-factor authentication, keeping in mind an alarming disparity, as reported by Microsoft:
One of the most common ways adversaries gain access to corporate data is by guessing weak passwords or stealing them, whether through phishing or buying them on the Dark Web.
From there, they get the same permissions as legitimate users, including administrators and power users.
The goal of multi-factor authentication is to create an additional layer of defense beyond just using a password.
Multi-factor authentication requires at least two independent pieces of information (2FA) to verify a user's identity when attempting to log in or access a resource.
For example, Azure AD multi-factor authentication requires at least two of the following authentication factors:
Companies that purchase cyber insurance are no doubt aware of today's minimum requirements for multi-factor authentication.
Today, to benefit from coverage, MFA must be applied at least in the following situations:
It would also be appropriate to add multi-factor authentication to the backup solution.
Still, the best practice is to implement MFA for all users, 100% of the time, especially if, as is the case with M365, companies can make the most of features already included in their plans.
There are several ways to enable MFA with M365, depending on the plans in use and the level of control and flexibility desired.
The table below provides a high-level overview. Legacy per-user mode is not mentioned, as it is being retired by Microsoft.
These policies can allow single-factor login when the user is on the corporate network and/or on a registered device, but require additional verification factors when the user is remote or on a registered personal device.
Conditional Access policies are based on "if-then" statements, as shown below.
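One such if-then rule, written as a Microsoft Graph `conditionalAccessPolicy` request body: if any user signs in to any cloud app from outside the tenant's trusted named locations, then require MFA. This is an added example, not taken from the original post; it covers only the network condition, starts in report-only mode, and the display name and the excluded emergency-access account id are placeholders.

```json
{
  "displayName": "EXAMPLE - Require MFA outside trusted locations",
  "state": "enabledForReportingButNotEnforced",
  "conditions": {
    "users": {
      "includeUsers": ["All"],
      "excludeUsers": ["<emergency-access-account-object-id>"]
    },
    "applications": {
      "includeApplications": ["All"]
    },
    "clientAppTypes": ["all"],
    "locations": {
      "includeLocations": ["All"],
      "excludeLocations": ["AllTrusted"]
    }
  },
  "grantControls": {
    "operator": "OR",
    "builtInControls": ["mfa"]
  }
}
```

Switching `state` to `enabled` enforces the policy once the report-only sign-in results have been reviewed.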
As a Microsoft Gold Partner, our platform of choice for multi-factor authentication is Azure AD, which makes it easy to meet different requirements in an integrated way, from the simplest (default security) to the most sophisticated (Conditional Access, with or without integration with Azure AD Identity Protection, which is included with Azure AD P2).
Deploying attack-resistant user authentication is the first initiative to put in place from a Zero Trust perspective.