Securely Deploying and Using MFA

Using multifactor authentication (MFA) is one of the best things you can do to protect yourself and your environment. MFA prevents a large percentage of cyberattacks. You should use it when and where you can to protect sensitive data and systems.

However, anything can be hacked or bypassed. Any MFA solution, strong or weak, can be hacked and bypassed.

You should absolutely still use MFA when and where you can to protect sensitive data and systems.

To mitigate many of the inherent risks of MFA, follow these recommendations:

  • All users with access to sensitive data or systems should use MFA
  • Select and use proven, secure MFA solutions that consider and mitigate common cybersecurity threats
  • Use phishing-resistant MFA whenever possible
  • Implement MFA solutions using the vendor’s recommendations
  • Implement MFA solutions with secure defaults (for example, fail-closed settings and disabling older, weaker, legacy protocols)

  • Actively monitor MFA solution activity and authentication events for signs of malicious activity
  • Educate all stakeholders about what types of attacks MFA does and doesn’t prevent
  • Educate yourself and other stakeholders about the appropriate use and operation of their specific MFA solution(s)
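As an added example (not part of Roger Grimes's article), a small Python checker that applies two of the recommendations above to constructed sign-in records: it flags successful sign-ins over legacy protocols that never carried a second factor, and users whose MFA prompts were denied or timed out repeatedly in a short window. The record format, field names and protocol list are assumptions for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in records (not from any real system); the
# format and field names are assumptions for this example.
SAMPLE_LOG = """\
2024-05-01T08:00:05Z alice IMAP SUCCESS mfa=not_required src=198.51.100.7
2024-05-01T08:01:10Z bob WEB SUCCESS mfa=passed src=203.0.113.9
2024-05-01T08:02:00Z carol WEB FAILURE mfa=denied src=203.0.113.44
2024-05-01T08:02:30Z carol WEB FAILURE mfa=denied src=203.0.113.44
2024-05-01T08:03:05Z carol WEB FAILURE mfa=timeout src=203.0.113.44
2024-05-01T08:03:40Z carol WEB SUCCESS mfa=passed src=203.0.113.44
2024-05-01T09:30:00Z dave SMTP SUCCESS mfa=not_required src=192.0.2.18
"""

# Protocols that cannot carry a second factor: a successful sign-in over
# them is password-only, which is why the article says to disable them.
LEGACY_PROTOCOLS = {"IMAP", "POP3", "SMTP", "MAPI"}

def parse_events(text):
    events = []
    for line in text.splitlines():
        ts, user, proto, result, mfa, src = line.split()
        events.append({
            "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
            "user": user, "proto": proto, "result": result,
            "mfa": mfa.split("=", 1)[1], "src": src.split("=", 1)[1],
        })
    return events

def find_legacy_bypass(events):
    """Successful sign-ins over a legacy protocol that never passed MFA."""
    return [e for e in events if e["proto"] in LEGACY_PROTOCOLS
            and e["result"] == "SUCCESS" and e["mfa"] != "passed"]

def find_mfa_failure_bursts(events, threshold=3, window=timedelta(minutes=5)):
    """Users with >= threshold denied/timed-out MFA prompts inside one window."""
    per_user = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["mfa"] in {"denied", "timeout"}:
            per_user[e["user"]].append(e["ts"])
    flagged = {}
    for user, times in per_user.items():
        for i, start in enumerate(times):
            # count failures from this one forward that fall inside the window
            n = sum(1 for t in times[i:] if t - start <= window)
            if n >= threshold:
                flagged[user] = n
                break
    return flagged
```

In the sample, carol's burst of rejected prompts is followed by an approved one, which is the sequence worth investigating with the user before treating it as benign.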

No matter what type of MFA solution(s) you have or use, educate yourself and all other stakeholders, especially end-users, about the following topics around the particular MFA solution being considered or used:

  • Strengths and weaknesses of the specific MFA solution(s)
  • How to correctly use the specific MFA solution(s)
  • Examples of incorrect use of the specific MFA solution(s)
  • The common real-world attacks for that type of MFA and how to detect and prevent them
  • Signs and symptoms of common real-world hacking attempts against the specific MFA solution(s)
  • What to do during a rogue hacking attempt (i.e., defeat and report it)

Never assume that anyone has all the appropriate education and understanding about a specific MFA solution. Good education is a great way to reduce the risk of cybersecurity threats.

MFA is a cybersecurity tool that all users and organizations should implement to protect sensitive data and systems. MFA solutions should be securely selected and implemented along with education to mitigate some of the inherent risks.

Jack B.

Enabling Businesses to Safeguard Digital Assets and Scale Securely | Veteran Cybersecurity Leader | Specializing in Security Operations & Incident Response | Founder @ The Cyber Samaritans

2 years

FIDO U2F != AiTM success

Christian Singhuber

Data & Information Security for SMBs, Enterprise and GOV

2 years

Hm, sounds like a kind of turnaround in comparison to former criticism?

More articles by Roger Grimes
