Beyond MFA: Adding Context For Secure Access

From securityboulevard.com

MFA SOAR

The pandemic forced most businesses globally to transition to remote work. With many people working from home, any semblance of a corporate security perimeter evaporated, increasing demand for virtual private networks (VPNs) and multifactor authentication (MFA) to strengthen an organization’s security posture.

Legacy Multifactor Authentication Technology is Flawed

Implementing MFA is definitely the right step toward securing remote access, however most organizations ignore the fact that human error (via successful phishing attempts) continues to be a leading cause of security breaches and many of the so-called advanced multifactor authentication methods still rely on something archaic – the password. People are password fatigued, overwhelmed by having to manage on average, 100 passwords and often reusing them at their own risk. In fact, 99% of enterprise users reuse passwords across their accounts. Attackers can easily steal credentials or buy them off the dark web, successfully bypassing MFA all together. Look no further than the headline-making SolarWinds hack that leveraged stolen credentials to get around MFA.

Read more…