The importance of MFA - why you really need to have it in place by 2022

This is blog 1 in a series of 4 that deals with security management

4
 min read |  
7/11/2022
 |  
Business critical applications

Ransomware, phishing, hacks, you name it. In recent years you hear more and more about it. We are all paying more attention and taking measures. Fortunately! After all, you wouldn't want to think about your personal or company-sensitive information being out in the open and you not being GDPR compliant. Where it all starts? Right, with setting up MFA and keeping your passwords secure. In this blog, Joe tells you more about the how and the why.

Multi-factor Authentication - the importance to you and the organization  

It's very simple. We apply the "zero trust" principle here. Devices should not be trusted by default. We don't trust anyone by default. Not even a device. Whatever device you use and whatever application is involved, you have to log in with your password. And you know it. You know that you shouldn't use easy-to-guess passwords, that you often forget them if you don't keep track of them anywhere, and that there shouldn't be too many routine/similar passwords. The goal of MFA? Security! And preventing data breaches.  

So how do you log in now? And what is the best way to do that for yourself and the organization? Initially, we lock out. That means we check that it's really you who wants to log in to your device. And then how we check that, we need a process for that. With Multi-factor Authentication, there are multiple ways to do that. Think of confirmation via SMS (this way is less secure, because they are more susceptible to spoofing and phishing), the mobile authentication app or logging in with your face ID or fingerprint.  

TIP from Joe: always check if you made the request yourself before accepting.

Within TeamValue, for example, we also monitor with Azure Sentinel how colleagues are logging in in terms of authentication. This allows us to measure how secure our organization is in terms of logging in. It can be seen that the majority do so with the mobile app or through face ID. Want to read more about this. Check out A picture is worth a thousand words - visualizing your data. - Microsoft Sentinel 101 (learnsentinel.blog) or keep following this blog series because Hendrik will soon be taking a deep dive into monitoring with Azure Sentinel.  

4 simple steps that will keep your passwords safe

We put together a short roadmap for you to check immediately if you are safe enough and otherwise that you know what to take immediate action on.  

  1. Set MFA. Logical but still there are plenty of people who have not done this individually. Make sure you install it not only on your work devices but also on your own devices. Minimize the chance for hackers to get to your data!
  1. Use a Password Manager. One example is LastPass, but of course there are many others. The importance of this? You keep everything safe in the proverbial vault. Also, logging in with a Password Manager is many times faster because they are entered automatically. Win-win right?  
  1. Then also have your passwords generated by your Password Manager. If you use such a tool anyway, let the system work for you and use the standards and password suggestions you get. The system can come up with that much better than you can and turn it into passwords with a good character and number combination. Often, the longer the password, the more time it takes for a hacker to crack it.  
  1. Make sure your passwords are all different. Perhaps an open door, but if someone does get access to your credentials, make sure they can't just log into other systems using the same password.  

Want to know more?  

Microsoft Defender for Cloud - MFA is worth at least 10% of your secure score

So far you found tips on what you can check as an organization and what you can do as an individual to keep your passwords as secure as possible. Did you know that Microsoft Defender for Cloud also gives you plenty of tips to get the so-called secure score up? Setting up MFA already accounts for 10% of the value. Want to know what to do as an organization for that other 90%? Then keep following this blog series in which Marco explains which other recommendations you can apply to get that ISO 9001/27001.  

Last tip from Joe: MFA and Password Managers are there for a reason. Use them! Otherwise, sooner or later, you'll have your turn. And believe us, in this case, prevention is better than cure. So do you still have passwords with Hello123? Then change them immediately with your Password Manager 😉

Download our cheat sheet BizDevOps

We combine data and foresight with intuition and lasting behavior change. How. We wrote out the first steps for you in our BizDevOps cheat sheet. Download it now for free and start your digital transformation today.

5
 min read |  
19/7/2024
Team huddle: A weekly moment for connection and effectiveness in your team
In the digital age where technology drives the way we work, collaboration is becoming increasingly challenging. Teams are scattered across different locations and working on a variety of projects, so connectedness can quickly be lost. How can we ensure that team members stay engaged despite this distance?
Business critical applications
3
 min read |  
19/7/2024
Back to the 80's! - Recap Azure & AI Lowlands
June 27 was the day: the Azure & AI Lowlands event! With the entire Cloud team we traveled to this event, completely in '80s style. Think neon colors, retro games, iconic 80s vehicles and of course a lot of tech talks on Azure and AI.
Our team members
4
 min read |  
5/7/2024
The Role of Agile Coach - In conversation with Gert-Jan
Meet Gert-Jan! Agile Coach at TeamValue. Scrum working is totally his thing. And he likes to help his colleagues with this. Curious about working at TeamValue? Then read on quickly.
More information about this blog? Get in touch with the author(s).
Joeghanoe Bhatti
Sign up for the newsletter!
SIGN UP NOW
Background

Join our team!

TeamValue is a young and fast growing company with a solid foundation. We are looking for people who have IT skills and enjoy giving workshops. Searching together for the best solution for a customer. That is what we are all about!

Azure Solution Developer

A very dynamic role, in which more than just technical skills are required! You are that Fullstack Software Developer who knows how to build business-critical applications. All your solutions must be rolled out 100% automatically.

Full-time
Zwolle

Cloud Engineer

You are the Cloud Engineer who understands the old world, has a lot of experience in it and secretly wants nothing more than to enter the new world of Modern Service Management and the public cloud. Do you have scripting skills, do you stand for proactive management and are you 'on' when it comes to solving (im)possible problems? The team can't wait to meet you.

Full-time
Zwolle

Business Intelligence Consultant

You have guts! Because you dare to be critical towards our customers. You really help the client one step further. You think with us, ask questions and respond. Because TeamValue goes for the best result.

Full-time
Zwolle