In 2023, over 1000 companies were hit worldwide by Ransomware and over 15 billion credentials were stolen and obtained globally through hacking and phishing companies and users, causing havoc on an unfathomable scale. This trend is not going away and it is getting more advanced, so its only a matter of time before you become a target.
Your credentials are your identity, this can be used if not protected, to fake emails to accounts teams or to users asking for money transfers, make orders and payments, especially when debit / credit cards are saved on unprotected accounts. This would be causing unnecessary stress and additional workloads and to some extreme situations, dismissal from a place of work or put businesses into administration. This is just some of the causes of not having 2FA / MFA enabled.
Think of 2FA (Two Factor Authentication) as an extra layer beyond a username and password for access. MFA (Multi Factor Authentication) is enhancing that with a more robust control mechanism, which could be biometric access, email, push etc. 2FA / MFA is a measure of security to strengthen your digital identity, safeguarding you and your company’s information from being as vulnerable.
2FA / MFA can be applied to almost all cloud-based services, VPN and Remote applications, however not all services have provisions for allowing this. So, when signing up for a cloud service, sometimes you must look for the options to enable the additional protection, other times you are not given a chance to skip without supplying additional details. In most cases, Microsoft can help protect your Office 365 workload, Google can help protect your Workspace and applications such as Cisco Duo can protect your VPN and cloud services by use of federation or by implementing a radius server.
The types of authentication are shared between 2FA and MFA variations, of which most are supported by Microsoft, Cisco Duo, Google and many more providers, however not all methods are required for authentication. Some of these methods are listed below and you generally choose what is preferred or easier for the use case.
2FA Methods
MFA Methods
MFA is the preferred method and is seen to be more secure than 2FA.
With 2FA, when you sign into an account, whether that is for personal or business use, you may be prompted for a username and password, this is a single factor. After the credentials are added, you may be sent an SMS, email or need to generate an OTP code that changes every 30 seconds.
With MFA, you may just have to add your username initially and then verify using biometrics - very much like unlocking your mobile phone with face ID or Windows Hello to unlock your PC, or by a USB security key inserted with Pin protection.
Ultimately, you may have a password manager or authentication application on your mobile device linked to your protected accounts. This can help manage and store your details for easy access. This itself is protected by biometrics or pin protection on your phone. However, if you lose access to your phone, you may also lose access to your accounts, unless you have other authentication methods stored on your accounts.
Implementing MFA is a critical step forwards to enhancing security, however, does take some planning, so you really need to look at the following.
Remember, 2FA / MFA is not just an IT initiative, it’s a strategic decision that helps protect your organisation assets and reputation. So, by compelling a case, you can drive some positive changes to fortify your digital defences.
Symetri's focus on 2FA / MFA allows us to help move your organisations security forwards, by creating a compelling case to give to the lead stakeholders. We can also help implement most of these changes and provide training. If you require any further advise relating to this article, please reach out to your account manager or contact Symetri by filling the form on the right.
As cyber threats continue to grow more complex, securing how we store, manage, and share data is critical. This month’s bulletin dives deep into three key topics: how to ensure safe file storage and transfers, understanding the risks and benefits of password managers, and identifying the top cyber threats to watch in 2025. Whether you’re a business leader or an everyday user, taking proactive steps now can prevent serious problems down the road.
In this blog post, our Principal Consultant, Enrique Barriuso, takes a closer look at what's new in Autodesk Civil 3D 2026. Building on previous versions, this release brings a range of new features, enhancements, and updates.
Optimising BIM and digital tools in architecture and engineering is revolutionising the industry. By integrating technologies like AI, cloud computing, and data analytics, professionals can enhance collaboration, reduce errors, and streamline workflows. In this blog, we'll explore how leveraging these tools can lead to more efficient and successful project outcomes.