It’s estimated that 24 billion usernames and password combinations are being sold on the dark web. Compromised credentials remain one of the biggest security threats facing organizations today. When there are as many malicious cyber attacks as there are stars in the sky, no additional precaution is too much.
Protecting you and your community from these threats is one of the most important jobs we have. That’s why beginning in March 2023, we're moving towards a platform-wide requirement for all clients to have Multi-Factor Authentication (MFA) enabled in their SmartSimple Cloud systems.
We've already started this journey, enhancing the SmartSimple Cloud ecosystem to enable broader application of MFA for all clients in our November 2022 upgrade. Read on to learn more about this enhancement.
What is Multi-Factor Authentication (MFA)?
In simplest terms, MFA is a digital authentication method that requires users to verify their identity by using two or more pieces of identification to gain access when logging in. This provides an additional layer of protection during the sign-in process.
Apart from the standard login username and password, additional verification may utilize other other tools or channels where a unique -single- use code is sent to. Users are required to enter that one-time code to proceed through login. The most common verification tools are authenticator apps, email or SMS (i.e. text message).
Similar to how banks ask for two forms of ID for additional verification when opening an account, MFA adds additional layers of protection for higher security.
In today’s connected world, threats are ever-present. Malicious actors use a wide array of techniques to steal usernames and passwords, making them a weaker level of security that can leave your system vulnerable to unauthorized access. Since MFA relies on secondary tools and channels to deliver a one-time use code, it’s much more difficult to infiltrate.
Unfortunately, the number of cybersecurity threats increase every year, and most attempts target password theft. In fact, 61% of all security breaches involve stolen login credentials. With the growth in cloud technology and the rise in remote work, more and more incidents of security breaches are happening.
Moving toward the platform-wide adoption of MFA is just the latest action we are taking in our ongoing commitment to empower the SmartSimple community with tools that support security best practices.
What you can expect when MFA is enabled platform-wide
Our November upgrade included an enhancement to broaden MFA functionality in SmartSimple Cloud.
SmartSimple Cloud now supports additional MFA methods. Apart from support for authenticator apps like Google’s, SmartSimple Cloud now also supports authentication through email and SMS (text message). This offers SmartSimple clients a variety of options they can use for authentication and gives them the ability to offer multi-factor authentication to their external community.
MFA can be deployed through authenticator apps and email at no extra cost. There is a modest annual fee for deploying MFA through SMS.
With platform-wide activation of MFA on SmartSimple Cloud taking effect March, 2023, we’re encouraging clients to be proactive by implementing MFA after our most recent MFA feature enhancement went live on the platform on November 10th, 2022.
As we draw nearer to the March 9th, 2023 go live date, we’ll be providing regular updates and resources to help guide you through set up. The SmartSimple Wiki is a good reference point to start with.
If you have any questions, or are looking for guidance around setting up MFA, please contact our Platform Solutions team.