What is MFA?

August 31, 2024

MFA stands for Multi-Factor Authentication, sometimes also referred to as 2FA or Two-Factor Authentication, and is used to add additional security to your account logins to ensure you are who you say you are.

Authentication Factors

When we say "Factors", we refer to the following categories that can be used to verify your identity and don't require a different source of information. They include:

  • Something you know like memorable objects: Passwords, security questions, ID numbers, etc.
  • Something you have like physical objects: a Key, Phone, USB Drive, a temporary code, etc.
  • Something you are like your own physical attributes: Fingerprints, Face Scans, Retina/Iris Scans, Voice Verification, etc.

We all use Single-Factor Authentication, typically a Username and Password that is "Something you know". We can also be asked to provide additional information that is still considered a single factor, like our Mother's Maiden Name or the last 4 of our Social Security Number. No matter how much additional information we supply of "Something you know", it's considered a single factor since anyone who knows the same things can gain access.

We can increase the security of our account access to a great degree by requiring more than one factor each time we log in. This is because it's much harder for an attacker trying to impersonate us as each additional factor is more difficult for them to copy.

For example, if you have the same username and password for your Social Network Profile and your Bank, and the Social Network has a data breach that exposes your information, there are now multiple people that can provide the "What you know" factor and gain access to your Bank account.

Now, if you had a Second-Factor like a fingerprint scanner, then the attacker would need to know your username, password, and have a copy of your fingerprint before they could access your account.

Why do I need it for my business?

All businesses have a risk of Cyber Attack

In our modern age, no one is immune to the risk of data breaches and fraud. Smaller businesses are being more frequently targeted by attackers, up from 22% in 2021 to 41% in 2023. Employees of a business with fewer than one hundred employees will experience 350% more social engineering attacks than an employee of a larger organization.

These attacks, even if it seems they would be inconsequential, can have disastrous, direct, and lingering effects that can take years to recover from. Outside of the direct monetary costs, if your data becomes compromised, it can cause damage to your brand, loss of trust with your customers, increased insurance premiums, and legal and attorney fees that all can directly affect your ability to compete.

Common Attacks

While attack types and methods vary, here are the most common ones you should plan to protect yourself and your business from:

  • Phishing: Attackers mimicking services you use to attempt to steal usernames and passwords
  • Malware: Software that is secretly added to your computer to use it for the attacker's purposes - such as accessing sensitive files or attacking other computers or networks.
  • Ransomware: Using unauthorized access to hold sensitive data hostage by encrypting data with a key the attacker promises to give for a large fee. Only 8% of companies that had their data ransomed and paid were given access to it again.
  • Vendor Data Breaches: Attackers gaining access to your data stored with a vendor to impersonate you or to gain access to your other accounts. This information can be used directly or sold to other attackers.

How MFA can protect you

Outside of employee training and securing your networks, MFA is the most powerful way to ensure those accessing business systems are who they say they are, and MFA is a recommended safeguard by the Small Business Administration. According to CISA, the use of MFA on your accounts makes you 99% less likely to be hacked.

What types of MFA work best for me?

Since the username/password of Something you know is universally used by vendors as the first factor, that leaves either Something you are or Something you have to adopt as an additional Factor. Here are the options available to businesses by type and their considerations:

Something you are

Biometric MFA

"Something you are" requires devices and vendors that support biometric authentication. While modern smartphones have these capabilities (Apple's Face ID and Android's Fingerprint Readers), laptops and desktops have limited capabilities. Furthermore, Vendors that don't have biometric support wouldn't be able to use these advanced device capabilities, which would either limit your choices of tools or negate the advanced security that expensive devices provide.

If your organization works with the most sensitive information, such as financial and medical data, then this expensive and limited pathway is the best for you as it is the hardest to compromise and the easiest for your employees to participate in.

Something you have

Single-Code MFA

Most often, businesses rely on the "Something you have" factor by using a vendor-provided temporary code. These can be six or more characters that are either sent to you via email or text.

Temporary codes that are sent this way are generally seen as less secure, as the technical ways that they are communicated do not have a lot of modern safeguards and can be intercepted more easily. Also, if the vendor has an outage or a delay in their systems that communicate the single-use code, you may be forced to wait to use their services until it recovers and suffer the downtime.

Time-based MFA

Time-based Codes are those that are generated upon your request by a third-party application you maintain directly. They require the scanning of a QR Code or entering a long string of characters (that is called the seed code), and then will generate a new 6-digit code every 30 seconds.
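To make the mechanism concrete, here is an added example (not Key Forge's code or any vendor's) of how an authenticator turns the seed code and the current time into a 6-digit code, following the TOTP standard (RFC 6238), and how a vendor can check a submitted code. It assumes HMAC-SHA1 and a Base32-encoded seed, which are the common defaults; the seed shown is the public RFC 6238 test seed, not a real secret.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP_SECONDS = 30  # a new code every 30 seconds
DIGITS = 6         # 6-digit codes


def decode_seed(seed_b32: str) -> bytes:
    """Decode the Base32 seed code that is typed in or carried by the QR code."""
    cleaned = seed_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # seeds are often shown without padding
    return base64.b32decode(cleaned)


def totp(seed: bytes, at: float, digits: int = DIGITS) -> str:
    """Return the code for the 30-second window that contains time `at`."""
    counter = int(at) // STEP_SECONDS
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, as defined in RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(seed: bytes, submitted: str, at: float, drift_steps: int = 1) -> bool:
    """Vendor-side check: accept the current window plus/minus drift_steps
    windows to tolerate clock skew between the phone and the server."""
    ok = False
    for step in range(-drift_steps, drift_steps + 1):
        candidate = totp(seed, at + step * STEP_SECONDS)
        # Constant-time comparison avoids leaking how many digits matched.
        ok |= hmac.compare_digest(candidate.encode(), submitted.encode())
    return ok


# Constructed sample input: the RFC 6238 test seed ("12345678901234567890").
SAMPLE_SEED_B32 = "GEZD GNBV GY3T QOJQ GEZD GNBV GY3T QOJQ"

if __name__ == "__main__":
    seed = decode_seed(SAMPLE_SEED_B32)
    print("code at t=59s:", totp(seed, 59))
    print("code right now:", totp(seed, time.time()))
    print("accepted one window late:", verify(seed, totp(seed, 59), 59 + 30))
    print("accepted three windows late:", verify(seed, totp(seed, 59), 59 + 90))
```

Because the seed never travels with the login and each code expires with its window, a stolen password alone is not enough; anyone who copies the seed itself, however, can generate valid codes, so it needs the same protection as a password.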

This method of MFA tends to be the sweet spot for most organizations as it provides a high level of security, is supported by most vendors, and doesn't require the higher cost of only using devices with specific features. While there are physical devices dedicated to providing Time-based MFA, the most common way to manage these codes is using device-restricted solutions (such as Google Authenticator, Microsoft Authenticator) or platform-based solutions (such as Duo or Key Forge).

Device-restricted solutions would require your employees to download and set up an app on their business or personal phone, and default to keeping the codes accessible to only one device. If that phone is lost or damaged, and codes were not backed up, then your employee's access to accounts will be blocked until each account is recovered.

Platform-based solutions leverage cloud technology to ensure access can be provided across multiple devices, both to prevent lockout due to device failure and for the convenience of using the device you perform your work on without needing to stop and switch.

Why is Key Forge's MFA a better option for my business?

Okay, so here comes the pitch. If you got through all of this and are looking for an MFA solution for your small business, I think you should consider Key Forge. It differs from other tools because it is purpose-built for virtual or hybrid businesses. Some key features you won't find with most MFA offerings:

  • Low monthly cost without skimping on features
  • Visibility into who is using MFA for your corporate accounts
  • Built-in support for shared account access, protect access to limited-seat vendors
  • Easy to set up and onboard your employees, doesn't require their own devices or the purchase of dedicated items

It only takes 10 minutes for each employee to self-onboard and adds only 30 seconds to logins while giving your company the security boost it needs to prevent unauthorized access and damage to your business.

Get started today by signing up at www.keyforge.io.

More Resources

But don't just take our word for how beneficial MFA is for protecting the accounts you use. Visit the U.S. Cybersecurity & Infrastructure Security Agency (CISA) information page about MFA.

Need MFA for your Business?

Save your spot by signing up to be notified when Key Forge Cloud MFA is available.


Andrew Murray

Andrew is the CEO of WUMU LLC, and the Key Forge Product Champion.