How Multi-factor Authentication Can Benefit Your Industry
Depending on what industry you’re in, your approach to security may be very different. For some sectors, like finance, security and data protection are top of mind for everything that is done. Financial services organizations typically experience the most data breaches and hacks, which makes security a priority. But what about healthcare? Patient data is highly sensitive and confidential. Yet somehow, security is rarely talked about in relation to healthcare. For almost every industry, multi-factor authentication can be beneficial. In a recent survey by Microsoft, they discovered that implementing MFA alone can reduce the likelihood of an account being compromised by a whopping 99.9 percent.
What is Multi-factor Authentication?
Multi-factor authentication (MFA) is any password that requires multiple steps or components to facilitate logging in. It isn’t a specific means of confirmation, but it can include various password components. Some methods that may be familiar are one-time codes sent by SMS or email, biometric authentication, or another piece of confidential information. After asserting the identity for the first time, additional authentication can run in the background and confirm known information. For example, it can use adaptive authentication—an IP address or geographic location—and compare it to typical behavior for the account.
Benefits for Healthcare
Although multi-factor authentication is beneficial from a security perspective, healthcare can benefit from it from a legal perspective. With so many healthcare staff working remotely, it is critical to remove risks surrounding non-repudiation. For example, patient data is constantly being shared between doctors, providers, insurance companies, and other stakeholders. To release this data, it is required that those involved must attach their name and signature to authenticate and ensure integrity. In an office setting, this can be done easily through a paper form. E-signatures, however, are a lot more difficult to authenticate and validate. MFA can help to provide an additional validation when signing over patient information.
Benefits for Financial Services
The finance industry is one of the most targeted industries for security breaches and data hacks. And for that reason, implementing MFA can be truly beneficial. Since the pandemic began in March, data hacks, including simple phishing attacks, have been on the rise. Banks are some of the biggest targets of these kinds of attacks. There have been significant steps to implementing multi-factor authentication for client accounts for mobile and online banking, but for employee accounts on the backend, MFA isn’t always a priority—and it should be.
With the world shifting to remote work, bank employees are now accessing systems with sensitive information from many different locations, and with fewer security measures in place. This makes it harder for IT to verify the identities of employees and confirm their access levels. By implementing a simple or more robust MFA process, there is evidence in place, beyond a password, that the user is in fact who they say they are. Secret PINs, a bank card, or biometric authentication can help to implement an additional layer of safety for especially valuable information.
Considering MFA
It may be difficult to envision how MFA can benefit your business, especially in situations beyond security. As the world changes due to the pandemic, and more people stay in remote working positions, it’s time for businesses to understand how they can support protective measures to safeguard data. MFA provides an extra layer for authenticating identities, which can be extremely important when you can’t see who is on the other side of the screen.
3 Comments
DANIEL RAISCH
August 24, 2020 at 8:38 amA question that always shows up when discussing MFA with IT organizations is ‘ Should I have MFA deployed in each of my platforms (Z/OS, Windows, Linux, ) or it is enough to have it just on my desktop for Loging in the corporate network ????? ‘ Could you, please , elaborate on that ? tkx
Julie Bergh
February 9, 2021 at 8:52 amDaniel, I recommend that MFA be deployed everywhere. Not just on the desktop. I recommend to customers to use MFA on z/OS as this is close to the resource. IBM does studies on the insider threat and having MFA on the mainframe works to reduce this threat.
Julie Bergh
February 8, 2021 at 4:05 pmDaniel, I recommend that you have MFA for z/OS, as it is held as close as possible to the resource. With insider threat this ensures the z/OS is more secure that just having MFA on Windows and/or linux.