A shift towards enhanced security
The recent CrowdStrike controversy and last year’s cyber attack on the British Library are just two examples of how even minor security lapses can have a hugely negative impact on businesses and organisations. They leave us in no doubt that securing your business’s digital assets is more critical than ever.
As cyber threats continue to evolve, the measures we take to protect our data have to keep up. Microsoft Azure is a leading cloud computing platform: a suite of cloud-based services that allows businesses (or IT providers on their behalf) to use Microsoft’s data centres and create either fully cloud-based or hybrid IT infrastructure without needing their own physical servers. Microsoft has recently announced a significant shift: multi-factor authentication (MFA) will soon become the default setting for all Azure accounts. This move reflects a broader industry trend towards more robust security measures and highlights the effectiveness of MFA in preventing sensitive information from falling into the wrong hands.
What is multi-factor authentication (MFA)?
MFA is a security process that requires users to provide two or more pieces of information to verify their identity before gaining access to something like an app or an online account. Rather than simply asking for a username and password, it could ask for additional credentials such as a PIN, verification using smartphone notifications, or biometric data like fingerprints or facial recognition.
What you’re effectively doing is reducing the likelihood of unauthorised access by creating a layered approach to security, meaning that it remains effective even if one of the factors (like the password) is compromised in a data leak or by other means.
Why Microsoft Azure is moving towards default MFA
Microsoft’s decision to enforce MFA for Azure by default is driven by the growing need to protect businesses from cyber attacks. Password-based security alone is no longer sufficient, as it can be relatively easily breached through phishing attacks, brute force, and other methods, even if your staff are trained to spot phishing attempts. According to Microsoft, accounts protected by MFA are 99.9% less likely to be compromised than those without it.
By making MFA the default, Microsoft Azure aims to:
- Reduce security risks: All right, Captain Obvious! But it’s still worth saying. With the rise of remote work and cloud computing, the number of potential vulnerabilities, also known as the ‘attack surface’, has expanded for businesses. MFA adds an essential layer of protection against unauthorised access.
- Encourage best practices: Many users may not enable MFA unless it’s required, because they feel like it’s an unnecessary barrier. By setting it as the default, Azure is encouraging businesses to adopt stronger security practices.
- Compliance with industry standards: As regulations around data security become more stringent, having MFA in place can help businesses meet compliance requirements. It’s also suggested by certification options like Cyber Essentials.
How this change may affect businesses, good and bad
- Improved security: Enabling MFA by default means that your business’s Azure accounts will be better protected against unauthorised access, reducing the risk of data breaches.
- User experience considerations: While MFA enhances security, it can also introduce friction for users who aren’t used to additional verification steps and still create weak passwords such as ‘Password!’. For this reason, it’s important to educate your team on the benefits of MFA and provide clear instructions on how to use it effectively.
- Integration with your existing systems: If your business already uses MFA through another provider, you’ll need to ensure that Azure’s default MFA settings don’t conflict with your existing setup. This is a bit on the techy side; Microsoft’s Azure Active Directory (Azure AD) offers flexibility in integrating with other authentication methods, but it’s vital that someone with the know-how reviews and tests your configuration.
- Staying ahead of compliance: With MFA becoming a standard security practice, implementing it now will keep your business ahead of regulatory requirements, potentially avoiding fines and other penalties in the future while competitors panic!
Microsoft Azure’s shift to default MFA is a significant step towards enhancing cloud security for businesses of all sizes. This move might feel a little annoying, but it actually offers a timely opportunity to strengthen your security, protect sensitive data, and build trust with clients. Need some help with your security? No problem, get in touch and we can have a chat about what you need.