The initials MFA, as every computer security professional knows, stand for multifactor authentication. The same initials also stand for Master of Fine Arts, and maybe that’s no accident. Protecting your organization’s internal systems and data against intrusion is indeed a fine art. It requires balancing the security needs of the organization against the needs of employees for convenient access to the applications and information they need every day to get their work done.

Set the barriers too low, and the bad guys will find a way in. Make the access process too burdensome, and users get frustrated while productivity suffers. Users have even been known — with no ill intent — to set up shadow IT systems just so they can do their work without having to keep track of passwords. How can organizations strike the right balance between a pleasant user experience and risk-based multifactor authentication?

Improve Microsoft Office 365 Security With MFA

Microsoft Office 365 is one of the most popular application suites in the world. Many thousands of large organizations provide Office 365 apps for new employees and for existing employees to use on new devices. It offers the benefit of keeping applications such as Word, PowerPoint and Excel consistently current with the latest fixes and features all downloaded from the cloud. But with the convenience of the cloud comes the risk of intrusion every time those apps or updates are downloaded. That’s where MFA comes in to help protect businesses against Office 365 security threats.

Before we go any further, what is multifactor authentication? MFA is any process that requires an end user to submit two or more pieces of identification to gain access to a system. The most common example is the familiar two-part username-and-password authentication. While effective in most situations, the username-and-password combination is a frequent target of threat actors. And, because so many of us use the same password for multiple accounts, one breach can threaten a range of systems. Plus, we all have trouble remembering and resetting passwords repeatedly to meet ever-stricter requirements for complexity and length.

Multifactor Authentication for the Modern Era

Fortunately, today there are cutting-edge solutions to provide multifactor authentication that is both secure and easy to use. MFA mechanisms such as email or text, one-time-passwords, and mobile push with biometric requirements can confirm the identity of users on an app-by-app basis. Once identity is established for a specific device, users can gain access with single sign-on (SSO) capabilities. In addition to protecting your cloud-based applications, the same MFA solutions can safeguard your on-premises enterprise systems as well, such as Linux, AIX, z Mainframe and Windows remote desktop.

Features such as an administrator’s dashboard can integrate data from various sources and present a unified display of relevant, in-context information. This allows administrators to view usage statistics at a glance by geography, time period and other variables. Sign-on activity can be monitored across the organization to track successful and failed logins and to spot any unusual activity.

Some solutions also offer reporting capabilities that let administrators assemble authentication reports to look for trends and anomalies. Reports can show which applications — and thus licenses — are used most frequently and which users are most active.

In addition, since not all applications require the same level of security, administrators can also customize settings for when and how users need to authenticate for different applications. An app that offers access to confidential information, for example, will require stronger authentication protocols than access to an event calendar.

Ideally, end users should be able to browse available apps and request access to Office 365 or other applications from a simple access request interface. Such systems provide faster access for users and place less of a burden on administrators.

Perimeter Protections Can’t Keep Up With BYOD

Security professionals know all too well that threat actors are relentless in their efforts to break into computer systems. The risk environment is always changing. In today’s world, where mobile devices and bring-your-own-device (BYOD) policies are proliferating, a firewall around the perimeter is no longer adequate. And while cloud-based applications offer many benefits, they also raise the stakes for the security team.

Your security measures need to keep pace with the threats and the evolving needs of your users. The right solution can enable administrators to deploy apps quickly while ensuring compliance with company access policies and simplifying the access process for end users. It can also enhance mobile device enrollment and compliance — something that is truly needed in a cloud-driven company.

Learn More in the Webinar: Protecting Office365 with IBM Cloud Identity and MaaS360

More from Cloud Security

The Importance of Modern-Day Data Security Platforms

Data is the backbone of businesses and companies everywhere. Data can range from intellectual property to critical business plans to personal health information or even money itself. At the end of the day, businesses are looking to grow revenue, innovate, and operationalize but to do that, they must ensure that they leverage their data first because of how important and valuable it is to their organization. No matter the industry, the need to protect sensitive and personal data should be…

Cybersecurity in the Next-Generation Space Age, Pt. 4: New Space Future Development and Challenges

View Part 1, Introduction to New Space, Part 2, Cybersecurity Threats in New Space, and Part 3, Securing the New Space, in this series. After the previous three parts of this series, we ascertain that the technological evolution of New Space ventures expanded the threats that targeted the space system components. These threats could be countered by various cybersecurity measures. However, the New Space has brought about a significant shift in the industry. This wave of innovation is reshaping the future…

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…

How Posture Management Prevents Catastrophic Cloud Breaches

We've all heard about catastrophic cloud breaches. But for every cyberattack reported in the news, many more may never reach the public eye. Perhaps worst of all, a large number of the offending vulnerabilities might have been avoided entirely through proper cloud configuration. Many big cloud security catastrophes often result from what appear to be tiny lapses. For example, the famous 2019 Capital One breach was traced to a misconfigured application firewall. Could a proper configuration have prevented that breach?…