The initials MFA, as every computer security professional knows, stand for multifactor authentication. The same initials also stand for Master of Fine Arts, and maybe that’s no accident. Protecting your organization’s internal systems and data against intrusion is indeed a fine art. It requires balancing the security needs of the organization against the needs of employees for convenient access to the applications and information they need every day to get their work done.

Set the barriers too low, and the bad guys will find a way in. Make the access process too burdensome, and users get frustrated while productivity suffers. Users have even been known — with no ill intent — to set up shadow IT systems just so they can do their work without having to keep track of passwords. How can organizations strike the right balance between a pleasant user experience and risk-based multifactor authentication?

Improve Microsoft Office 365 Security With MFA

Microsoft Office 365 is one of the most popular application suites in the world. Many thousands of large organizations provide Office 365 apps for new employees and for existing employees to use on new devices. It offers the benefit of keeping applications such as Word, PowerPoint and Excel consistently current with the latest fixes and features all downloaded from the cloud. But with the convenience of the cloud comes the risk of intrusion every time those apps or updates are downloaded. That’s where MFA comes in to help protect businesses against Office 365 security threats.

Before we go any further, what is multifactor authentication? MFA is any process that requires an end user to submit two or more pieces of identification to gain access to a system. The most common example is the familiar two-part username-and-password authentication. While effective in most situations, the username-and-password combination is a frequent target of threat actors. And, because so many of us use the same password for multiple accounts, one breach can threaten a range of systems. Plus, we all have trouble remembering and resetting passwords repeatedly to meet ever-stricter requirements for complexity and length.

Multifactor Authentication for the Modern Era

Fortunately, today there are cutting-edge solutions to provide multifactor authentication that is both secure and easy to use. MFA mechanisms such as email or text, one-time-passwords, and mobile push with biometric requirements can confirm the identity of users on an app-by-app basis. Once identity is established for a specific device, users can gain access with single sign-on (SSO) capabilities. In addition to protecting your cloud-based applications, the same MFA solutions can safeguard your on-premises enterprise systems as well, such as Linux, AIX, z Mainframe and Windows remote desktop.

Features such as an administrator’s dashboard can integrate data from various sources and present a unified display of relevant, in-context information. This allows administrators to view usage statistics at a glance by geography, time period and other variables. Sign-on activity can be monitored across the organization to track successful and failed logins and to spot any unusual activity.

Some solutions also offer reporting capabilities that let administrators assemble authentication reports to look for trends and anomalies. Reports can show which applications — and thus licenses — are used most frequently and which users are most active.

In addition, since not all applications require the same level of security, administrators can also customize settings for when and how users need to authenticate for different applications. An app that offers access to confidential information, for example, will require stronger authentication protocols than access to an event calendar.

Ideally, end users should be able to browse available apps and request access to Office 365 or other applications from a simple access request interface. Such systems provide faster access for users and place less of a burden on administrators.

Perimeter Protections Can’t Keep Up With BYOD

Security professionals know all too well that threat actors are relentless in their efforts to break into computer systems. The risk environment is always changing. In today’s world, where mobile devices and bring-your-own-device (BYOD) policies are proliferating, a firewall around the perimeter is no longer adequate. And while cloud-based applications offer many benefits, they also raise the stakes for the security team.

Your security measures need to keep pace with the threats and the evolving needs of your users. The right solution can enable administrators to deploy apps quickly while ensuring compliance with company access policies and simplifying the access process for end users. It can also enhance mobile device enrollment and compliance — something that is truly needed in a cloud-driven company.

Learn More in the Webinar: Protecting Office365 with IBM Cloud Identity and MaaS360

More from Cloud Security

Cloud Threat Landscape Report: AI-generated attacks low for the cloud

2 min read - For the last couple of years, a lot of attention has been placed on the evolutionary state of artificial intelligence (AI) technology and its impact on cybersecurity. In many industries, the risks associated with AI-generated attacks are still present and concerning, especially with the global average of data breach costs increasing by 10% from last year.However, according to the most recent Cloud Threat Landscape Report released by IBM’s X-Force team, the near-term threat of an AI-generated attack targeting cloud computing…

Cloud threat report: Possible trend in cloud credential “oversaturation”

3 min read - For years now, the dark web has built and maintained its own evolving economy, supported by the acquisition and sales of stolen data, user login credentials and business IP. But much like any market today, the dark web economy is subject to supply and demand.A recent X-Force Cloud Threat Landscape Report has shed light on this fact, revealing a new trend in the average prices for stolen cloud access credentials. Since 2022, there has been a steady decrease in market…

Autonomous security for cloud in AWS: Harnessing the power of AI for a secure future

3 min read - As the digital world evolves, businesses increasingly rely on cloud solutions to store data, run operations and manage applications. However, with this growth comes the challenge of ensuring that cloud environments remain secure and compliant with ever-changing regulations. This is where the idea of autonomous security for cloud (ASC) comes into play.Security and compliance aren't just technical buzzwords; they are crucial for businesses of all sizes. With data breaches and cyber threats on the rise, having systems that ensure your…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today