If you have a mobile workforce or if you use cloud solutions that contain personal data, multifactor authentication is now essential.
21% of cyber security incidents reported to the ICO in Q1 2020 were related to unauthorised access; MFA is powerful defence.
In June 2018, an attacker obtained credentials for five accounts linked to British Airways supplier portal. These could have been obtained in a number of ways. They could have been purchased, obtained through social engineering, use of a keylogger or a security camera watching the keyboard.
Using these credentials, the hacker was able to infiltrate BA’s network and steal 108,000 payment records and, for a period of three months, steal the data from every transaction on BA’s website.
They were fined £18m for the breach by the Information Commissioner Office in October 2020.
With multifactor authentication the breach would likely have not occurred.
If you have any requirements around MFA, please contact us. We can help with configuring WatchGuard AuthPoint, Office 365 Security and Compliance, Meraki Duo and others.
Want to know how British Airways security flaws let data theft unfold? Check out our IT insight piece here...