What is 2FA / MFA and why is it important?


In 2023, over 1000 companies worldwide were hit by ransomware and over 15 billion credentials were stolen globally through hacking and phishing of companies and users, causing havoc on an unfathomable scale. This trend is not going away and it is getting more advanced, so it's only a matter of time before you become a target.

How can this impact the user or business?

Your credentials are your identity. If they are not protected, they can be used to send fake emails to accounts teams or to users asking for money transfers, or to make orders and payments, especially when debit / credit cards are saved on unprotected accounts. This can cause unnecessary stress and additional workload and, in extreme situations, lead to dismissal from a place of work or put a business into administration. These are just some of the consequences of not having 2FA / MFA enabled.

What is 2FA / MFA?

Think of 2FA (Two Factor Authentication) as an extra layer beyond a username and password for access. MFA (Multi Factor Authentication) enhances that with a more robust control mechanism, which could be biometric access, email, push etc. 2FA / MFA is a security measure that strengthens your digital identity, making you and your company’s information less vulnerable.

Where can 2FA / MFA be applied?

2FA / MFA can be applied to almost all cloud-based services, VPNs and remote applications; however, not all services make provision for it. When signing up for a cloud service, you sometimes have to look for the option to enable the additional protection; other times you are not given the chance to skip it without supplying additional details. In most cases, Microsoft can help protect your Office 365 workload, Google can help protect your Workspace, and applications such as Cisco Duo can protect your VPN and cloud services by use of federation or by implementing a RADIUS server.

What type of authentication methods are there?

The authentication methods are shared between the 2FA and MFA variations, and most are supported by Microsoft, Cisco Duo, Google and many other providers; however, not all methods are required for authentication. Some of these methods are listed below, and you generally choose whichever is preferred or easiest for the use case.

2FA Methods

  • SMS
  • Push Notifications to mobile devices
  • OTP (One Time Password)
  • Email
  • Memorable Data

MFA Methods

  • Biometrics (face, finger, retina, voice)
  • Security Key
  • Location Based
  • Time Based
  • Recovery Codes

MFA is the preferred method and is seen to be more secure than 2FA.

How does it work?

With 2FA, when you sign into an account, whether for personal or business use, you may be prompted for a username and password. This is a single factor. After the credentials are entered, you may be sent an SMS or email, or need to generate an OTP code that changes every 30 seconds.

With MFA, you may just have to enter your username initially and then verify using biometrics - very much like unlocking your mobile phone with Face ID or using Windows Hello to unlock your PC - or by inserting a USB security key with PIN protection.

Ultimately, you may have a password manager or authentication application on your mobile device linked to your protected accounts. This can help manage and store your details for easy access, and is itself protected by biometrics or PIN protection on your phone. However, if you lose access to your phone, you may also lose access to your accounts, unless you have other authentication methods stored on your accounts.

Convincing your organisation to adopt MFA?

Implementing MFA is a critical step towards enhancing security; however, it does take some planning, so you really need to look at the following.

  • Risk Assessment
  • Business Impact
  • Regulatory Compliance
  • Cost-Benefit Analysis
  • User Education
  • Vendor Support
  • Training and Support
  • Pilot Program

What are the benefits?

Remember, 2FA / MFA is not just an IT initiative, it’s a strategic decision that helps protect your organisation’s assets and reputation. So, by making a compelling case, you can drive some positive changes to fortify your digital defences.

How can Symetri help?

Symetri's focus on 2FA / MFA allows us to help move your organisation's security forwards, by creating a compelling case to give to the lead stakeholders. We can also help implement most of these changes and provide training. If you require any further advice relating to this article, please reach out to your account manager or contact Symetri by filling in the form on the right.

 

