Counties are struggling to protect systems and data, as cybercriminals took advantage of the impact of the pandemic while many counties were distracted with trying to implement new services required to support employees and citizens.
For example, cybercriminals took advantage of citizens as they looked to their inboxes for unemployment information, stimulus payments and other transactions requiring Personally Identifiable Information (PII).
It is no wonder that cybersecurity, and more specifically multi-factor authentication (MFA), has become a top initiative for many counties across the nation.
Multi-factor Authentication Continues to be a Cybersecurity Best Practice
While many security measures are being put in place, MFA solutions are a cybersecurity best practice when it comes to securing access, whether it’s remote or on-premises, and reducing, or even preventing, cyberattacks. Some of the most common authentication methods in use today include hardware tokens, push tokens and phone-based one-time passwords (OTPs).
However, what happens when our traditional MFA methods start to fail us?
Traditional MFA Methods Are Under Attack & Inconvenient
First, traditional MFA methods are under attack. For example, according to a recent article on vice.com, a hacker was able to leverage a business text messaging service and, for a mere $16, take over the victim’s phone number and intercept all of their SMS messages. These messages included those with OTPs for gaining access to secure accounts.
On the other side, MFA methods remain inconvenient and disrupt employees and citizens as they complete day-to-day tasks. Both employees and citizens can become sources of cyber risk as they resist, avoid and refuse to adopt inconvenient MFA methods.
Best practices, and security architectures such as Zero Trust, require using MFA 100% of the time for 100% of your users, but that is impossible to achieve if users won’t adopt it.
Modernize Your Multi-Factor Authentication Approach
So, it’s time to evolve your MFA approach and make sure it is capable of adapting to the future state of cyberattacks and the needs of your employees and citizens.
Here are three recommendations for making sure your county’s MFA strategy is ready for the future:
- Apply advanced authentication approaches: this includes the use of contextual authentication and step-up authentication to be able to strike a better balance between security and convenience. Bringing in the context of the access request or the type of application being accessed can not only make it more difficult for cybercriminals to gain access, but also reward employees and citizens when they are requesting access appropriately.
- Flexible Options are Essential: make sure you have multiple methods of authentication, and most importantly, that you are able to give multiple options to each user as they try to log in. For example, if your security policy is set up for citizens to log in with an SMS-delivered OTP and they don’t have cell phone reception, what options do they have to log in? Offering a few different methods for each user to choose from, controlled by a security policy, is the best way to achieve flexibility and provide a convenient login experience.
- Include Biometrics: while biometrics have been adopted for certain use cases, such as election security, they have become a “must-have” for your MFA strategy. With successful cyberattacks on phone-based methods and the hassle of using methods such as hardware tokens, biometrics has become the most convenient and secure method according to recent research by Raconteur. With nothing to carry, remember, share, or have stolen, biometrics is an excellent authentication method to secure all access.
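A minimal sketch of the first two recommendations working together, as an added example that is not from the original article or any vendor's product: the request context sets a minimum method strength (stepping up for sensitive applications), and the user is offered every enrolled method that meets it. The method names, strength ranks and risk rules are assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Hypothetical method names and strength ranks (assumptions for this sketch,
# not any product's identifiers). SMS OTP ranks lowest because the article
# describes SMS interception; tune the ranks to your own risk assessment.
METHOD_STRENGTH = {"sms_otp": 1, "push": 2, "hardware_token": 3, "biometric": 3}

@dataclass
class AccessRequest:
    known_device: bool     # device previously seen for this user
    trusted_network: bool  # e.g. a county office network
    sensitive_app: bool    # application handles PII or payments
    reachable: frozenset   # methods the user can actually use right now

def required_strength(req: AccessRequest) -> int:
    """Contextual authentication: score the request, then set a floor."""
    risk = (not req.known_device) + (not req.trusted_network)
    if req.sensitive_app or risk == 2:
        return 3           # step-up: only the strongest methods qualify
    return 2 if risk == 1 else 1

def offer_methods(enrolled: set, req: AccessRequest) -> list:
    """Every enrolled, reachable method that meets the floor, strongest first."""
    floor = required_strength(req)
    options = [m for m in enrolled
               if m in req.reachable and METHOD_STRENGTH.get(m, 0) >= floor]
    return sorted(options, key=lambda m: (-METHOD_STRENGTH[m], m))

def decide(enrolled: set, req: AccessRequest) -> dict:
    options = offer_methods(enrolled, req)
    # Fail closed: if nothing meets the floor, deny rather than downgrade.
    return {"allow_prompt": bool(options),
            "floor": required_strength(req),
            "options": options}

if __name__ == "__main__":
    # Constructed sample: a citizen on home Wi-Fi with no cell reception,
    # so the SMS-delivered OTP is enrolled but not reachable.
    citizen = {"sms_otp", "push", "biometric"}
    req = AccessRequest(known_device=True, trusted_network=False,
                        sensitive_app=False,
                        reachable=frozenset({"push", "biometric"}))
    print(decide(citizen, req))
```

The deny branch is the part to review with stakeholders: a user enrolled only in a weak method gets no prompt for a sensitive application, which is why enrolling each user in more than one method matters.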
It’s Time to Change
With the increase and evolution of cyberattacks, your multi-factor authentication strategy needs to adapt. Traditional authentication methods, such as hardware tokens and phone-based OTPs, are starting to fail us. A modern MFA strategy needs to include advanced authentication approaches, flexible options that give the user a sense of control, and the most secure and convenient authentication method: biometrics.