Question

  • Creator
    Topic
  • #4003236

    multifactor authentication

    by jfinn689 ·

    Our company is looking to implement Multifactor Authentication through Microsoft. We have over 55+ locations where staff work from. They use shared devices (laptops). I have looked into setting up conditional access with our ISPs for each location, though this looks to add a good chunk of annual cost through monthly subscriptions for static IPs. What is the correct thing to do?

    My major concern is staff being unable to clock-in/out through our web-based app because they may not have a cellphone for authenticating with MFA when prompted. What is the common practice? I know every company goes through this same process when implementing MFA. Currently, a smart phone is not a requirement for our staff to complete their job – therefore we do not feel comfortable saying this is something you need…

    Thank you!

You are posting a reply to: multifactor authentication

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our Community FAQs for details. All submitted content is subject to our Terms of Use.

All Answers

  • Author
    Replies
    • #4003256
      Avatar photo

      Not common practice.

      by rproffitt ·

      In reply to multifactor authentication

      Let’s say you want employees to check in and out on a smart phone. It’s not really a problem as the company must provide the phone, pay for the plan as well as create the systems to make it all work.

      Why would it be uncomfortable for the company to provide the tools to do the job?

      Real life example: Whole Foods here has order pickers and they provide an iphone at the beginning of the shift with the app that presents the pick list as well as the system to call the customer if need be.

      So is it common practice to ask employees pay for a phone for business use? No. And it never should be.

    • #4003304
      Avatar photo

      Re: MFA

      by kees_b ·

      In reply to multifactor authentication

      A cell phone to run the MFA-app does not need to have a SIM-card nor a subscription or even prepay card with a provider. So for people without a smart phone themselves it’s cheap to provide them with a working device to logon.
      And yes, then it’s reasonable to require that they not only take their company laptop with them if they want to work somewhere, but their company provided login device also.

    • #4006748

      Multifactor Authentication

      by markanderson264 ·

      In reply to multifactor authentication

      MFA is a layered approach to securing your online accounts and the data they contain. When you enable MFA in your online services (like email), you must provide a combination of two or more authenticators to verify your identity before the service grants you access. Using MFA protects your account more than just using a username and password. Users who enable MFA are significantly less likely to get hacked, according to Microsoft. Why? Because even if a malicious cyber actor compromises one factor (like your password), they will be unable to meet the second authentication requirement, which ultimately stops them from gaining access to your accounts.

      Multi-Factor Authentication, or MFA, is an important security measure that businesses should consider implementing. MFA adds an extra layer of security by requiring more than one form of authentication, such as a password and a fingerprint or an access code and a smartphone identifier.

Viewing 2 reply threads