Requiring multifactor authentication might seem onerous, but organizations that implement a plan can better protect themselves against breaches, data theft, and fraud.
It’s hard to miss headlines related to the latest data breach. Cybersecurity breaches occur regularly, and they result in massive quantities of stolen usernames and passwords. In fact, more than 80% of attacks are the result of credential theft, often originating from a successful email phishing attempt.
Beyond stealing credentials, attackers are also constantly password guessing online portals to see what sticks. Try standing up a basic webpage with a login portal in a cloud service. Within a day, those web server logs will be filled with traffic from automated tools attempting combinations of common usernames and passwords. Some of these guessing tools even use username and password combinations from the latest breaches, meaning that if employees are reusing credentials from other compromised websites, an attacker could easily gain authenticated access to an organization as that employee – it’s all just a matter of time.