What is MFA or Multi-Factor Authentication and why is your cyber insurer mandating that you have it?
MFA or Multi-Factor Authentication is a cybersecurity tool that requires you to confirm your identity prior to gaining access to a network, system, or website using multiple factors.
We are accustomed to providing a user name and password to access websites, but what is that other “factor” needed to gain access? The most common third or multi-factor is going to be a special pin that is forwarded to your mobile phone which you then enter into the log-in process. It can also be a pin secured from a program such as Google Authenticate.
The thinking is that a non-authorized user is not going to have access to your cellphone to see that PIN so that multiple layers of authentication help add security to the access point.
In the past, you may have hesitated to use MFA because it was an extra step or it was cumbersome. But, today with the volume of cyber attacks and scams that occur every day – this tiny bit of inconvenience I think is worth it for the extra protection it delivers to keeping your data, your money, and your privacy safe.
What should you install Multi-Factor Authentication on?
Generally, anything you value. It could be access to your network, your email, your banking, your portals, etc.
Why are many cyber insurers mandating MFA on the renewals of their cyber insurance policies?
It’s due to the huge spike in claims that most cyber insurers are experiencing over the past 12 months and they are looking for insureds to control cyber risk as best as they can and MFA is a relatively easy step they can deploy to provide an extra level of security.
In fact, if you can’t demonstrate that your firm is using MFA you may see your insurer non-renew your policy, or increase the premium, or increase your retention or deductible.
Here’s the bottom line.
Small businesses don’t have the resources and tools to secure their networks or data as big companies do, so taking the initiative to deploy MFA is a good one that provides a lot of extra protection for little to no cost and only takes a few extra seconds to work. If you choose not to deploy MFA expect higher premiums for cyber insurance and potentially put your data, privacy, and money at risk.
Have other questions about cyber insurance, or business insurance in general? Click the button below to book a call on my calendar. Thanks!