Site icon IT World Canada

Microsoft urges organizations to adopt multi-factor authentication

Add Microsoft to the growing chorus of tech companies urging organizations to implement multi-factor authentication as soon as possible to increase their security posture.

In a new study released Tuesday called the Digital Defence Report, Microsoft urged infosec teams to focus on cybersecurity basics, including regular application of security updates, comprehensive backup policies and, especially, enabling multi-factor authentication (MFA).

“Our data shows that enabling MFA would alone have prevented the vast majority of successful attacks,” during the 10 month-period ending in July.

During the first half of 2020, Microsoft saw an increase in identity-based attacks using brute force on enterprise accounts. “Given the frequency of passwords being guessed, phished, stolen with malware or reused, it’s critical for people to pair passwords with some second form of strong credential,” says the report. “For organizations, enabling MFA is an essential call to action.”

Passwordless authentication options are recommended for best security and user experience, the report adds. “Using an authenticator app is always the preferred option over SMS/voice authentication.”

Among the report’s findings:

The report is broken into several sections, including the state of cybercrime (covering ransomware, phishing, business email compromise, supply chain security and COVID -related attacks), nation-state attacks, remote workforce threats and actionable learnings. It could be read by senior management as well as IT pros.

Among the steps organizations can take to increase their cybersecurity today are:

The report can be downloaded here.

 

Exit mobile version