• August 17, 2022

How Multi-factor Authentication Can Benefit Your Industry

Depending on what industry you’re in, your approach to security may be very different. For some sectors, like finance, security and data protection are top of mind for everything that is done. Financial services organizations typically experience the most data breaches and hacks, which makes security a priority. But what about healthcare? Patient data is highly sensitive and confidential. Yet somehow, security is rarely talked about in relation to healthcare. For almost every industry, multi-factor authentication can be beneficial. In a recent survey by Microsoft, they discovered that implementing MFA alone can reduce the likelihood of an account being compromised by a whopping 99.9 percent.

What is Multi-factor Authentication?

Multi-factor authentication (MFA) is any password that requires multiple steps or components to facilitate logging in. It isn’t a specific means of confirmation, but it can include various password components. Some methods that may be familiar are one-time codes sent by SMS or email, biometric authentication, or another piece of confidential information. After asserting the identity for the first time, additional authentication can run in the background and confirm known information. For example, it can use adaptive authentication—an IP address or geographic location—and compare it to typical behavior for the account. 

Benefits for Healthcare

Although multi-factor authentication is beneficial from a security perspective, healthcare can benefit from it from a legal perspective. With so many healthcare staff working remotely, it is critical to remove risks surrounding non-repudiation. For example, patient data is constantly being shared between doctors, providers, insurance companies, and other stakeholders. To release this data, it is required that those involved must attach their name and signature to authenticate and ensure integrity. In an office setting, this can be done easily through a paper form. E-signatures, however, are a lot more difficult to authenticate and validate. MFA can help to provide an additional validation when signing over patient information. 

Benefits for Financial Services

The finance industry is one of the most targeted industries for security breaches and data hacks. And for that reason, implementing MFA can be truly beneficial. Since the pandemic began in March, data hacks, including simple phishing attacks, have been on the rise. Banks are some of the biggest targets of these kinds of attacks. There have been significant steps to implementing multi-factor authentication for client accounts for mobile and online banking, but for employee accounts on the backend, MFA isn’t always a priority—and it should be.

With the world shifting to remote work, bank employees are now accessing systems with sensitive information from many different locations, and with fewer security measures in place. This makes it harder for IT to verify the identities of employees and confirm their access levels. By implementing a simple or more robust MFA process, there is evidence in place, beyond a password, that the user is in fact who they say they are. Secret PINs, a bank card, or biometric authentication can help to implement an additional layer of safety for especially valuable information. 

Considering MFA

It may be difficult to envision how MFA can benefit your business, especially in situations beyond security. As the world changes due to the pandemic, and more people stay in remote working positions, it’s time for businesses to understand how they can support protective measures to safeguard data. MFA provides an extra layer for authenticating identities, which can be extremely important when you can’t see who is on the other side of the screen.

Adam Glick 0 Posts

Adam is currently the Chief Information Security Officer for Rocket Software in Waltham, MA. Previously, he was the Vice President of Cyber Risk for Brown Brothers Harriman where he focused on program, policy, controls, threat intelligence, and incident response. Prior to this role, he was the Vice President of Information Technology and Information Security Officer for Century Bank for 5 years. His responsibilities included operationally managing all IT systems and all matters pertaining to information security, risk, policy and procedure. Adam is currently an adjunct professor at Boston College in the cybersecurity policy & governance program, and an adjunct professor of IT in the MBA program at the School of Business at Providence College. Prior to these roles he worked as a Security Engineer at Brown University and a Security Analyst at Providence College. He received both his undergraduate degree in education and his MBA from Providence College. Outside of the office, he is a car and technology enthusiast along with an avid reader, hiker, cyclist, and Brazilian Jiu-Jitsu practitioner.



    August 24, 2020 at 8:38 am

    A question that always shows up when discussing MFA with IT organizations is ‘ Should I have MFA deployed in each of my platforms (Z/OS, Windows, Linux, ) or it is enough to have it just on my desktop for Loging in the corporate network ????? ‘ Could you, please , elaborate on that ? tkx

    • Julie Bergh Reply

      February 9, 2021 at 8:52 am

      Daniel, I recommend that MFA be deployed everywhere. Not just on the desktop. I recommend to customers to use MFA on z/OS as this is close to the resource. IBM does studies on the insider threat and having MFA on the mainframe works to reduce this threat.

  • Julie Bergh Reply

    February 8, 2021 at 4:05 pm

    Daniel, I recommend that you have MFA for z/OS, as it is held as close as possible to the resource. With insider threat this ensures the z/OS is more secure that just having MFA on Windows and/or linux.

Leave a Comment

Your email address will not be published.