Scribd
Upload
17 views4 pages

Lab Book 3

Uploaded by

tejinderbuttar01
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
17 views4 pages

Lab Book 3

Uploaded by

tejinderbuttar01
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

Lab Book 3

Tejinderjit Singh
8976400
INFO2260
Yash Shah
August 7 , 2024
To: Fabricam Leadership
From: Tejinderjit Singh, Microsoft Technology Consultants
Date: August 8 2024
Subject: Securing Improved Accessibility using Multi-Factor Authentication
What is MFA?
Multi-Factor Authentication (MFA) is a security process in which a user is asked to
produce at least two pieces of identification before being allowed to access a
system, network or application. These variables can be an object, which the user
possesses (smartphone or smart card), information, which the user possesses (PIN
or security question), or biometric information, which the user is. By so doing,
additionally in case of an incident in one of the layers, the other factors act as a
back up to prevent unauthorized access.
Why is MFA important for Fabricam(what problems does it solve for Fabricam)?
 Protecting Sensitive Data: With the help of MFA, Fabricam can protect
customers’ personal data, patents, and money, which will help to maintain
customers’ trust and follow the rules.

 Compliance with Industry Standards: Most of the regulatory policies and


industry best practices recommend or mandate the use of MFA. Applying it
assists the company in meeting these compliance needs and preventing
possible penalties.

 Reducing Impact of Password Compromises: In MFA, even if the attacker gets


hold of the password, he or she cannot access the Fabricam accounts without
the second factor, thus making it very difficult for the attackers to penetrate
the system.

 Enhancing Remote Access Security: With the increase in work from home,
MFA makes it possible to authenticate remote workers who connect to
Fabricam’s network.

 Lowering Risk of Account Takeovers: MFA makes it difficult for the account to
be hacked since even if the password is intercepted, the intruder cannot gain
access to Fabricam’s accounts.

 Safeguarding Against Insider Threats: MFA minimizes the threat of insider


threats since it adds an extra layer of authentication to guarantee that only
the right people get access to the restricted areas.

Advantages :
 Secures Cloud-Based Services: Protects access to cloud applications and data.
 Supports Business Continuity: Helps avoid costly downtime due to security
breaches.
 Protects Third-Party Access: Secures access for partners and vendors.
 Reduces Dependency on Passwords: Lowers reliance on easily compromised
passwords.
 Enhances Network Security: Secures entry points to corporate networks.
 Aligns with Zero Trust Models: Fits into modern zero-trust security
frameworks.
 Provides Flexible Authentication Options: Supports multiple methods like SMS,
apps, and biometrics.
 Scalable Security Solution: Can grow with the organization's needs.
 Prevents Unauthorized Data Access: Ensures only verified users can access
critical data.
 Enhances User Experience: Can be user-friendly with appropriate
implementation.
 Boosts Productivity: Minimizes disruptions from security incidents.

Disadvantages :
 Compatibility Issues: There might be cases where the older systems or
applications do not have MFA, and there will be some sort of workaround.

 Lost Device Risks: The main disadvantage of using MFA is that if a user
misplaces his or her phone or any other device used for MFA, then there could
be a security issue.

 Potential for Technical Failures: MFA systems can be offline or have technical
problems, which means that they cannot be accessed.

 Backup Method Complexity: Secure methods of backup for MFA (for example,
backup codes) are introduced.

 SMS Vulnerabilities: SMS-based MFA can be susceptible to SIM-swapping or


interception.

 Phishing Still Possible: Even the most advanced MFA can be sometimes
bypassed, for example, with the help of social engineering.

 Increased Help Desk Requests: MFA can increase the number of support
requests, especially in cases where a device is lost or the user has forgotten
the password.

 Cost of SMS Authentication: SMS for MFA may have some costs, especially for
the users from other countries.

 Time-Consuming Setup: The first time implementation and deployment of


MFA may take a lot of time as the IT staff and the users are involved.
Recommend measures:
 Identify Key Locations: Conduct a thorough risk assessment to determine
which areas within Fabricam are most likely to benefit from the
implementation of MFA.
 Evaluate and Select the Right MFA Solution: Carefully assess and
choose an MFA solution that aligns with Fabricam's specific needs and
regulatory requirements.
 Develop a Comprehensive Implementation Plan: Create a detailed
implementation plan that includes user training and support to ensure a
smooth rollout of MFA across the organization.
 Mandate MFA for All Stakeholders: Ensure that MFA is mandatory for
employees, contractors, and partners to secure all access points.
 Continuously Monitor and Adapt: Regularly review the effectiveness of
MFA, making adjustments as needed to maintain robust security.

You might also like