Implement Multi Factor Authentication

Your business is exposed to risk every day, so managing that risk is an inherent part of business survival.

In recent years the risk from cybercrime has increased significantly. All forms of attack are on the increase with phishing attacks one of the most prevalent. The UK Government’s Cyber Security Breaches Survey 2021 stated that 83% of businesses surveyed had identified phishing attacks and 27% had experienced an impersonation attack (also known as Business Email Compromise or spear phishing).

An increasingly successful way to thwart these types of attack is to implement Multi Factor Authentication. We’ll explain what this is and how it helps in this blog, but first let’s explain what a phishing attack is.

What is a phishing attack?

A phishing attack is a fraudulent attempt to try and acquire sensitive information or data, or an attempt to install malware. They are usually conducted via emails that encourage the recipient to take an action they shouldn’t and can be very convincing. And there are different types to look out for. More common phishing attacks send fraudulent emails to very large numbers of recipients, with the expectation that only a few will respond, so they are not targeted, whereas Business Email Compromise, or spear phishing, is more sophisticated and targets individuals or small groups. They often impersonate a senior member of the organisation or trusted partner and attempt to gain not only sensitive data but also the transfer of funds.

It’s important for businesses to be aware of these types of attacks and have a best practice plan on how to prevent and deal with them.

One way that you can protect your business from phishing attack is to implement Multi Factor Authentication (MFA) across your business. This will mean that to access business systems, two forms of authentication will be required. This additional layer of security will help to keep your business secure.

We recommend that you implement MFA across your entire business, not just finance, IT and HR departments, because criminals are not just looking to acquire data and information, they often want to disrupt systems. With any weak links in your business structure, you are providing the cybercriminal with an opportunity to infiltrate your business.

MFA across your business will protect your data and help to shield you from ransomware attacks, which are a growing threat. Correctly implemented Travelers Europe, one of our insurer partners, state that businesses can block up to 99% of account compromise attacks, so whilst the implementation of MFA across your business might seem like a lot of hard work and effort, the protection it affords could prove invaluable.

To implement MFA, additional verification credentials must be met using information from the following categories:

• Something you know – a password, PIN or passphrase
• Something you have – a smartcard, token, security badge or Google Authenticator
• Something you are – fingerprint, facial scan, voice recognition or retina scan

By implementing MFA you are ensuring that anyone accessing your systems needs to identify themselves with more than just a username and password. The additional credentials required add an additional layer of security, making stealing information/monies more difficult for the cybercriminal.

If you would like to talk to an expert adviser about your exposure to cyber risk and how to create a robust risk management plan, please get in touch and we’ll be pleased to help. We can review your insurance cover to make sure you are protected against potential cyber events and other areas commercial risk.

Contact us on 01480 272727, complete our enquiry form or send an email to enquiries@barnesinsurancebroker.co.uk – we’ll be happy to assist.