Why Office 365 multi-factor authentication is the key to strong security
With organisations increasingly favouring cloud computing, data security is one of those things that many people know they need to prioritise but often don’t address until it’s too late. Yet with more data being exchanged between devices around the world every day than ever before in history, it’s more important than ever to protect your data against hackers.
Many people aren’t aware that Microsoft Office 365 has some of the best in-built systems for data protection on the market (often at no extra cost). Recognising the inherent risks that come with storing data in the cloud, Microsoft have developed sophisticated security and data protection capabilities in Office 365 to prevent unauthorised access to sensitive information.
The rise of the machines
The rise of employees using personal devices like iPads and smartphones to access work data from unsecured networks (like WiFi hotspots in cafes and airports) increases the risk of security breaches. The ability to access cloud data anywhere, anytime on any device represents a substantial hacking threat for Australian businesses large and small.
With Microsoft Office 365 offering the opportunity to deploy extra layers of authorisation, businesses are in a good position to protect themselves against costly data breaches. In our business we see many businesses that want to protect against data theft from competitors or security breaches that come via unknown hackers, and that’s one of the reasons we recommend Microsoft’s Enterprise Mobility Suite (EMS) and Multi-factor Authentication (MFA), because it provides powerful security that most businesses aren’t even aware of.
Multi-factor authentication is the answer
Microsoft’s Azure Multi-factor Authentication essentially reduces the risk of a hacking incident or other form of cybercrime, by adding layers of authentication before emails, files and other data stored in Office 365 can be accessed. Just like banking websites require users to enter a special code sent via text message in order to add new payees to the account, Microsoft has added layers of security designed to protect data stored in the cloud. In order to sign in and retrieve emails or access files, the user must enter their password and then also pass a verification process that could involve:
- Answering a text message or phone call
- Receiving an app notification or verification code
- Receiving a third party OATH token/access code
It’s also possible to whitelist ‘safe’ IP addresses so that MFA isn’t applied when working on a known work network. This means that as soon as someone tries to access cloud data via an unknown network they will be required to use MFA to gain access to the cloud.
So why bother?
While multi-factor authentication adds a layer of complexity to accessing data outside of the work network, the minor interruption it causes is worth the payoff when you consider the risks associated with unsecured data. There are many scenarios in which a data breach could be harmful to a business, with the legal, property, finance, accounting, government and medical sectors handling large amounts of sensitive personal information every day. These sectors not only have a duty to protect their own company data, but the data of their clients also. Outside of those sectors, any business risking loss of intellectual property held within proposals, contracts, business plans, reports and tender submissions, is likely to benefit from using multi-factor authentication.
Ultimately, not doing everything in your power to secure your data and prevent hacking is kind of like leaving the front door to your business open when you leave at night. While you may get away with it for a day or two, in the end it’s likely that your luck will run out at some point and by then it will be too late to turn the clock back and undo the damage done to your business.
If you want to know more about Office 365’s multi-factor authentication capabilities and whether it’s right for your business, contact us now for an obligation-free chat.