There are times when companies would like to adopt a certain security protocol, but users complain because they say it will impede their work. Balancing security with productivity can be tricky, but it doesn’t have to be an either/or scenario.
A common challenge that companies bring to IT consultants in Texas is how to improve password security without increasing the inconvenience to users.
Multi-factor authentication (MFA) is a best practice when it comes to password and cloud account security. It’s incredibly effective (as much as 99.9%) at keeping accounts secure, even if the attacker has the password.
Yet many businesses don’t use it because users complain about it taking longer to log in to their accounts.
When looking at safeguards to keep your company from becoming a victim of ransomware or a data breach, MFA is one of the best you can have. If you follow some of our implementation tips, you can introduce it in a way that mitigates user resistance and helps you better secure your digital assets.
How to Get Users Onboard With MFA
Bring Employees into the Process Early
When employees are just told what to do and suddenly must change a significant part of their workflow, they’re not going to be happy about it. Resistance to change is one of the biggest reasons that technology implementations fail.
It’s important to bring employees into the process early, and not just at the end once MFA is being deployed.
Provide ongoing communications before your “go-live” date to warm people up to the idea and let them know why this change is important and how they and the company will benefit from it. If they’re not blindsided at the last minute, employees will be more willing to accept the adoption of multi-factor authentication.
Provide Flexible MFA Options
If you provide your users a choice in how they use MFA, they’ll feel they at least have some ownership over the process. This can improve their acceptance and help ensure they use it as intended.
23% of surveyed individuals think that MFA via SMS or a mobile app is very inconvenient.
Some of the MFA options you can offer include:
- Using MFA via SMS
- Using MFA via a device app
- Using MFA via a security key
- Using MFA via biometrics (like a fingerprint scan)
Reduce Barriers Using Contextual Triggers
You can use contextual triggers to balance security with convenience. For example, if a user is logging into a company server from your on-premises Wi-Fi, you can reduce the authentication needs because you know the person is in your office.
But if you have a user attempting a login from outside the city at midnight, an additional challenge question could be put in place to ensure they’re a legitimate user.
Some of the contextual triggers that you can use with MFA to balance security and convenience include:
- Time of day
- IP address
- Geographic location
- Device settings
- User’s privilege level
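A sketch of how these triggers can combine into a step-up decision, added here as an illustration and not taken from any particular MFA product. The office network range, work hours, home region, level names and scoring thresholds are all assumptions to replace with your own policy.

```python
from dataclasses import dataclass
from datetime import time
from ipaddress import ip_address, ip_network

# Assumed policy values (constructed for this example).
OFFICE_NETWORKS = [ip_network("10.20.0.0/16")]  # on-premises Wi-Fi range
WORK_START, WORK_END = time(7, 0), time(19, 0)
HOME_REGION = "US-TX"

@dataclass
class LoginContext:
    source_ip: str        # address seen by the server, not a client-supplied header
    local_time: time      # time of day at the office
    region: str           # geolocation result for source_ip
    managed_device: bool  # device passed the company's device checks
    privileged: bool      # admin or other high-privilege account

def on_office_network(source_ip: str) -> bool:
    try:
        addr = ip_address(source_ip)
    except ValueError:
        return False  # unparseable address: fail closed, treat as off-network
    return any(addr in net for net in OFFICE_NETWORKS)

def risk_signals(ctx: LoginContext) -> list[str]:
    signals = []
    if not on_office_network(ctx.source_ip):
        signals.append("off_network")
    if not (WORK_START <= ctx.local_time <= WORK_END):
        signals.append("outside_hours")
    if ctx.region != HOME_REGION:
        signals.append("unusual_location")
    if not ctx.managed_device:
        signals.append("unmanaged_device")
    return signals

def required_auth(ctx: LoginContext) -> str:
    # Privileged accounts count as one extra signal, so they never get "reduced".
    score = len(risk_signals(ctx)) + (1 if ctx.privileged else 0)
    if score == 0:
        return "reduced"            # e.g. skip the extra prompt on a known session
    if score <= 2:
        return "mfa"
    return "mfa_plus_challenge"     # second factor plus an additional challenge
```

Logging the list returned by `risk_signals` alongside each decision makes it easier to explain to a user why they were prompted and to tune the thresholds later.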
Save Users Time with Single Sign-On (SSO)
Using SSO along with MFA can eliminate the biggest complaint that users have with MFA: that it takes them longer to sign in to all their apps.
Single sign-on is a technology you can use with MFA to reduce the number of times a user needs to log in to do their work.
You connect various cloud accounts to the SSO technology and then users only need to go through the login and authentication process once to access all their work applications. This saves time and gives you the ability to create a more uniform login experience.
Don’t Do “Hit or Miss” MFA Implementation
Implementing MFA on only some applications and not others is not a good tradeoff for making MFA less inconvenient.
For one, it reduces the security benefit of MFA. Another problem is that it provides an inconsistent experience to your team (“Do I use MFA with this app or not?”).
It’s best to implement MFA uniformly across all your business accounts. This sends the message that MFA is important and reduces the guesswork about which apps use MFA and which don’t.
Follow Up With Users Post-Implementation to Address Any Issues
Once MFA is in place, your job isn’t done. An important part of any new technology adoption is providing help and support after implementation to ensure the change is sustained.
If users run into road bumps and don’t have any support to help them overcome those, they can end up looking for workarounds and falling back into old ways of doing things.
Follow up with your team in the weeks after MFA adoption to address any issues and help them move smoothly through the transition until MFA becomes the new normal.
Don’t Leave Your Cloud Accounts Unprotected!
Texas I.T. Pros can help your Denton or Wise County business with a thoughtful and effective plan to implement MFA, SSO, and other access security technologies.
Contact us today to learn more! Call 940-239-6500 or reach out online.