In 2020, there was a 630% increase in attacks on cloud accounts. With most business data and processes happening in the cloud, attackers are targeting unprotected online accounts, and this has resulted in account takeovers, data breaches, ransomware, and more.
For example, the large ransomware attack on Colonial Pipeline that happened in May 2021 was facilitated due to an unprotected cloud account. Hackers got into the company’s network through an unused VPN account that wasn’t protected by multi-factor authentication (MFA).
Because of the way that cloud storage often syncs with other devices, one cloud account breach can quickly compromise an entire company network. Large cloud platforms like Microsoft 365 provide a treasure trove of data and attack capabilities, including sending phishing from your company email address.
The importance of company cloud workflows has made password security a major priority for companies. They need to protect their accounts, which are often vulnerable due to weak user passwords.
The method that has proven the most effective at securing online accounts is multi-factor authentication. According to Microsoft, which sees about 300 million fraudulent sign-in attempts on its services daily, MFA can block 99.9% of all fake login attempts.
With that type of track record, every company should be using MFA to secure their accounts. Enterprises have largely gotten the message, with about 87% of them using MFA. But when it comes to small and medium-sized companies, there is a lack of best practices being used.
Only 44% of mid-sized companies and 27% of small businesses are using multi-factor authentication. This leaves all their online accounts and cloud apps at a much higher risk of being hijacked.
Why aren’t more SMBs using multi-factor authentication? It’s largely because of employee pushback that it’s going to slow them down and worry about productivity being impacted.
But this doesn’t have to be the case if you follow the following tactics for deploying MFA the right way to mitigate user resistance and improve user experience.
How to Implement MFA Successfully at Your Louisiana Business
Give Employees a Choice of MFA Options
You can reduce user resistance and help employees get on board with the change in their workflow by giving them a choice of how they use multi-factor authentication.
There are a few different options for that additional authentication factor which allows you to offer at least a little flexibility and ownership of the process.
You could allow employees to choose between the following:
- Receiving the MFA code by SMS
- Receiving the MFA code through an authentication app
- Using a separate security key to authenticate
- Using a fingerprint scan or other biometric
Invite Your Staff Into the Process & Manage the Change
It may seem like a good idea to put the backend systems in place for MFA and then only tell employees right before you implement it, but this approach can cause resentment. People may feel like they were left in the dark and are now being blindsided by a major change to their daily IT workflow.
Instead, use the tactics of change management to help guide employees through the process. This means bringing them in at the beginning of your project, communicating with them, addressing their concerns, and ensuring they have the proper training to adopt the new process.
Managing the change, which in this case is the adoption of MFA, can significantly increase your chances of a successful transition with little to no resistance.
Introduce a Single Sign-On (SSO) Solution at the Same Time
You can keep MFA from adding any additional time to an employee’s workflow by introducing SSO at the same time. With SSO, employees will only have to enter their username and password and go through the MFA prompt just once to log into all their work cloud accounts and apps.
Introducing SSO and MFA at the same time can actually get your team excited about adding multi-factor instead of dreading it.
Give Your Team Support After Implementation
You shouldn’t consider the project “done” after your team has begun using MFA with their logins. It’s often in 2-4 weeks after a new process change that users run into the most road bumps.
Set up a help desk that users can easily access in the weeks following MFA implementation to give them the support they need to be successful. This is a critical step in any change adoption, and it helps ensure that a new process is sustained and users don’t revert to old workflows and processes.
Get Help Successfully Deploying This Vital Security Element
Don’t leave your company’s online accounts unprotected! Carl’s Computer Care can help your Louisiana business with an affordable and successful deployment of multi-factor authentication and single sign-on to secure your cloud accounts.
Contact us today to schedule a consultation! Call 225-315-3498 or reach us online.