ThrottleNet Reveals The Importance of Multi-Factor Authentication In Cybersecurity

ST. LOUIS - June 1, 2022 - PRLog -- ThrottleNet named the #1 IT firm in St. Louis by Small Business Monthly, is urging small and medium-sized businesses to utilize Multi-Factor Authentication or MFA to properly safeguard access to its key corporate data.

MFA is a two-step process requiring the user to utilize multiple verification factors. Typically, the process requires something you know, a password, and something you have such as a code from your cell phone.  Once successfully authenticated, using both factors, you are granted access to the resource. The process nearly eliminates the possibility of a successful cyberattack.

"Many companies unknowingly leave their front door wide open to threats via simple attacks such as weak or compromised passwords," said Dustin Leefers, Cybersecurity Director at ThrottleNet.  "Business Email Compromise or 'BEC' is one of the most common attacks.  If an attacker gains access to your email, it opens the door for them to access almost anything. A properly implemented MFA solution will lower that risk to nearly zero."

According to Leefers, BEC usually begins with an email phishing scheme that spoofs a request from a boss, co-worker, or vendor. "The email address is changed by one letter but, at a quick glance, it appears official. That communication often includes a link containing what looks like a key report or invoice. Once the user clicks on the link and enters their credentials the attacker gains access to the account."

To combat these schemes Leefers urges companies to add a second layer of authentication such as an SMS message, push notification, or code from an authenticator app. The second factor must be used to gain access to the VPN or business application.

"Most cybercriminals are looking for low-hanging fruit, those easy to penetrate targets. Even if they have your credentials, once they see that the account is protected with MFA they will typically move on to softer targets.  This is true in all but the most targeted attacks."

Leefers added that any company utilizing Microsoft 365 can easily add MFA. "We recommend using Microsoft Authenticator for most of our clients' MFA needs. It is easy to use and the most effective solution for easily increasing account security. Similar options are also available for those using Google platforms."

"Enhanced cybersecurity practices, including MFA, are becoming mandatory for smaller companies wishing to do business with corporate entities. According to Microsoft, MFA eliminates 99% of all potential account takeover attacks.  Further, not having MFA typically results in denial of coverage, or at a minimum, higher rates for cyber insurance. It just makes good business sense to add Multi-Factor Authentication to your business operations."

Ranked as the #1 IT Firm in St. Louis and a top cybersecurity firm by Small Business Monthly, ThrottleNet, Inc. can be contacted at https://throttlenet.com