publish date is May 7th, 2020
By: Brian Gammon, vCIO

With employees working from home, it is more important now than ever to utilize a wide array of tools and practices to keep your environment secure. This can range from employee education to policy development to the implementation of sophisticated tools to safeguard your data. One such tool, known as Multi-factor Authentication (MFA) is a security mechanism that requires an individual to provide two or more credentials in order to authenticate their identity. In IT, these credentials take the form of passwords, hardware tokens, numerical codes, biometrics, time, and location. Many assert multi-factor authentication has evolved as the single most effective control to insulate an organization against remote attacks, and when implemented correctly, can prevent most threat attackers from easily gaining an initial foothold into your organization, even if credentials become compromised. Despite this, we still see many organizations which do not leverage MFA to better secure their environment or only leverage it for a narrow set of applications with no formalized standards. Two barriers we often hear are a fear of negatively impacting the end user experience by requiring extra steps to do work, and to a lesser extent, application capability. We encourage organizations to carefully evaluate the potential risks and weigh them against these barriers and strive to formalize a strategy and proactive implementation plan. It is important to note that because of the continuing evolution of MFA, even if your organization has previously implemented this tool, it is imperative to revisit best practices and apply updates due to the rapidly changing nature of this offering. Defining a strategy around maintaining your MFA is almost as critical as the implementation itself. We recommend you use MFA whenever possible, especially when it comes to your most sensitive applications and data, such as your primary email, financial accounts, customer data, proprietary information, intellectual property, and other critical business information. To get started, here are some best practices to prepare for implementation:

this will define your most critical assets and approach to further protect them with milestones and a timeline.

this is your documented list of applications and data stores including additional relevant attributes

note login controls and polices in place.

this will help prioritize highest risk items first.

take action to safeguard the top tier and then move to address the rest over time.

ensure your progress is sustainable by embracing an ongoing process which includes formalized metrics and measurements.

Sophisticated Systems utilizes a set of established best practices and standards and has a variety of partnerships that can be leveraged to help your organization implement Multi-factor Authentication

Sophisticated Systems’ has been providing technology services and solutions to Central Ohio for more than a quarter-century. Our Technology Solutions Group has more than 200 years of expertise amongst its team, and we are knowledgeable and experienced in developing Disaster Recovery plans.
We offer customizable technology solutions that fit the needs of our clients. Our skilled technology professionals deliver measurable value to our clients so that they can focus on their business priorities.

Our suite of technology services and solutions includes IT projects, managed services, cloud services, technology deployment, network monitoring and security, hardware and software procurement, and professional services.

SSI has been recognized multiple times for its dedication to uplifting the Central Ohio community as Corporate Caring award finalist and recipient, as well as one of the fastest growing companies, both locally and nationally, by Columbus Business First, FORTUNE and INC. magazines.