Technology Advisor Blog



Microsoft 365 and Multi-Factor Authentication: A Simple Step to Secure Your Small Business

Posted by Ann Westerheim on 11/18/24 10:49 AM

MFA- Blog Set up

Did you know that Microsoft estimates that 99.99% of security incidents for Microsoft 365 involve accounts that don't have multi-factor authentication? (https://learn.microsoft.com/en-us/partner-center/security/security-at-your-organization)  Microsoft 365 is one of the most targeted applications in the world by cyber criminals everywhere, and with a free and simple extra step, you can help safeguard your account.  


Multifactor authentication (MFA) adds an extra layer of security to protect your accounts. It means you need two things to log in:

  1. Something you know (like your password)
  2. Something you have (like a code on your phone or a key).

Even if someone steals your password, they can't get in without that second thing. It's like locking your door and needing both the key and the code to open it.


Multi-factor authentication has been available from Microsoft for years, and we have enabled it for all clients and advised implementation.  The problem is that many people want to avoid the perceived inconvenience and choose to delay the set up - No!  You don't need to enter a code every time you send and receive an email!   We're on a mission to help all the stragglers enable multi factor authentication NOW!  You'll get a few nudges to set up your multifactor authentication, and on the third nudge, you will be required to set it up.

Setting up multi-factor authentication (MFA) only takes a few minutes. Once it's set up, you’ll rarely be prompted for the extra security—only in situations like traveling or signing in on a new phone or laptop. 

Important tip: Be cautious of “sponsored” apps that might appear at the top of your search results. The real Microsoft Authenticator app will have a high number of downloads and reviews—look for those as a sign you’ve found the right one!

Microsoft Authenticator

Got a little extra time today and want to be proactive?

Why set up Multi-Factor Authentication?  If your account is compromised, a hacker can easily access sensitive information like emails and documents, and other important information.

Check your current multi-factor authentication status:  Go to your Microsoft Account, click on View Account, then Security Info.  If Microsoft Authenticator is not listed here, you can simply click on "Add Sign-In Method" to add it.  

Some of the key risks for not using MFA on Microsoft Office 365:

Phishing Risks

Without MFA, a single phishing email can deceive users into revealing their password, giving attackers immediate access to accounts.

Data exposure:
Compromised accounts provide hackers access to sensitive data such as emails, documents, and customer information stored in Office 365.

Password breaches:
If a password is exposed in a data breach, attackers can easily exploit the account unless MFA is in place.

Business disruption:
Hackers can use compromised accounts to send fake emails such as invoices, disrupt operations, or initiate ransomware attacks.

Compliance issues and Insurance Requirements:
Industries with compliance requirements often mandate MFA; failing to implement it can lead to legal and regulatory consequences.

Here are some more resources for you for Microsoft 365 Multi-Factor Authentication:

Ekaru_Training_Portal_600

Ekaru Training Platform:  Everyone on a support plan with Ekaru has access to our training platform.  Here you can find short training modules on Microsoft 365 and a long list of other topics, such as productivity with Microsoft Excel, Microsoft Project, Microsoft Dynamics, Sharepoint and more.  If you're not already leveraging the platform, reach out to us to roll out to your team.  In the meantime, here are two training clips that will help with Multi-Factor Authentication: 

Multifactor Authentication and Mobile Devices

<Note - These links will expire in a week and are meant as an example for the Ekaru training platform - Reach out to us and we can send these to you, or better yet, set you up on the training platform directly!>

Additional Helpful Links:

Here's a link from Microsoft for setting up Multi Factor Authentication:

Here's a helpful link from Microsoft with several general training modules:

How it Works:  Microsoft Entra MultiFactor Authentication:

To proactively access your own Microsoft security settings, including seeing recent logins (make sure no one else it getting in your account!):

There's plenty of information out there!  Now is not the time to sit on the sidelines of technology.  It's a strategic advantage for EVERY business, not just the Fortune 500.  Leverage tech and stay safe on line!

Your Homework: 

Check your status and set up Multi-factor authentication NOW.  It's free and already available to you!

Take action now to secure your company's future. Contact us to begin building a more robust defense against cyber threats.

Photo Credit:  ChatGPT.  Prompt: Can you make an image of a small business customer using a computer with the computer screen clearly visible and multifactor authentication showing on the screen.  We help advise on AI too!

About the author:

Ann Westerheim - Ekaru - Cybersecurity

Ann Westerheim, PhD is the Founder and President of Ekaru, a Technology Service Provider of cybersecurity and IT services for small and medium businesses in the greater Boston area.  Ann is an accomplished technology innovator and leader with three engineering degrees from MIT.  She has twenty years of high tech experience in research, advanced development, product development, and as an entrepreneur. Her career has spanned a vast range of technology endeavors including research in thin film semiconductors and superconductors, microprocessor fabrication, development of early Internet medical applications, and now focusing on the application of technology in business. She has an avid focus on the "last mile" of technology and decreasing the digital divide.

https://www.linkedin.com/in/annwesterheim/ 

 

 

 

 

 

 

 

Subscribe by Email





    Most Popular Posts



    Browse by Tag

    See all tags...


    Posts by Month

    See all months...


    Connect With Us



    Older Blog Posts

    For older Ekaru blog posts, go to ekaru.blogspot.com.