Common MFA mistakes -- and how to fix them | TechTarget
MFA has long been one of the most effective security controls an organization can deploy. It's inexpensive compared to many security technologies, relatively easy to implement and capable of stopping a large percentage of credential-based attacks.
It's not a coincidence that nearly every security framework and cyber insurance policy recommends or requires MFA. Even so, simply checking the MFA-enabled box doesn't mean an organization is adequately protected from attack. In many breaches, the victimized organization had MFA in place, and the flaw usually wasn't in the technology itself.
The trouble often results from how MFA was deployed, configured or managed over time. Like any security control, MFA is only as effective as its implementation.
Let's look at some common ways MFA can go wrong.
Mistake #1: Assuming MFA provides complete coverage
Problem: One of the biggest mistakes organizations make is believing MFA is universally enforced. In reality, it's common...
Copyright of this story solely belongs to techtarget.com. To see the full text click HERE