MFA and why it’s important to secure your identities right now

You’re feeling really good about yourself today. Your boss posted a very flattering article about you on the company intranet this week. You did what IT was always telling you and stayed vigilant. You knew that email wasn’t from Important Person and reported it to the security team as soon as you were sure. Now people look at you like you’re some kind of superhero. You don’t have a big ego, but you kind of like the praise.

Now you have to get back to work. Those deadlines aren’t going to meet themselves. So, you dive back in, moving from task to task like you always do. After lunch, you scan your email for important messages that you need to get to right away. You notice an email from your help desk saying that your account has been potentially compromised, and you need to log into the company portal and change your password right away. You’re not sure how your account could have been compromised. After all, you are vigilant. And you haven’t noticed anything out of the ordinary like IT is always telling you to look out for.

You click the link in the email which takes you to your company portal. The company logo is there as well as the “change your password” link you are accustomed to seeing. You click the change your password link, type in your username and password. (Then confirm the password. How annoying.) After that you click submit. All done! Time to get back to work.

Later that afternoon, you notice that you are getting responses to emails you did not send. You start to get concerned because some of them are to people in Finance asking them to pay an invoice you didn’t approve. There are also emails to people in IT asking for access to systems you don’t even use.

Begrudgingly, you go to your manager and inform her of these developments. She tells you to go back to your desk and call the security team immediately. You do so and it turns out, your account was compromised. But only after you reset your password. The email you received was a phishing attack and the link you clicked for the company portal was a fake site made to look real. When you reset your password, the hackers recorded it and used it to log into your email account and send messages to others in your organization. And while you were guilty of falling for a phishing attempt, the security team is in real hot water because they neglected to enable MFA (multi-factor authentication) for your account.

Conclusion: Entra ID MFA and conditional access policies are vital to protecting the identities workers use in their organization. Scenarios like these can be easily avoided when the appropriate controls are configured to thwart account compromise.

To learn how Cloud Security Solutions can help, visit our website.

https://cloudsecuritysolutions.tech