Enable MFA with Sophos

Enforce MFA for System Administration and Security Consoles ✔

Multi-Factor Authentication (MFA) is a security measure that requires two or more proofs of identity. In other words, you need more than just a password to be granted access. MFA has many benefits for accessing business applications: it keeps our Office365 and Salesforce data safe, even if someone obtains, guesses, buys or brute-forces a username and password.

However, when applications move to the cloud, their login consoles are exposed to the Internet as well. Threat actors use valid accounts to gain initial access to the network, evade defenses, establish persistence, and escalate their privileges. These tactics allow various defenses to be bypassed, including anti-virus, application control, firewalls, intrusion detection/prevention systems and system access controls. Unauthorized use of valid accounts is very hard to detect, as it looks very much like business as usual.

Enabling MFA for your system administration and security tools achieves three goals:

  • Reduces risk of access by unauthorized persons ❌
  • Generates alerts for attempted access, allowing an admin to block future attempts as needed ⚠
  • Prevents account sharing, ensuring accurate audit trails that can tie behavior to a specific user 📍

Enabling MFA often costs nothing more than your time. If you’ve been ignoring giant ‘Enable MFA’ banners on your consoles, it’s past time to take that action.

For more information about this article click here.

To connect with Climb click HERE and select Sophos!
