Virtual Cyber & Technology Risk Management Forum

Implement MFA

• Multi-Factor Authentication (MFA) = an additional factor (a thing you are, a thing you have, a thing you know) during the authentication process. Can include: o SMS text o Hard token o Soft token (preferred) o Email verification o Phone call • Deploy MFA for all external-facing web applications or assets, including: o Email/Productivity Apps o VPN o RDP o Other web portals • Consider deploying MFA for internal authentication next • MFA prevents 99.9% of external account compromises - Microsoft

© SBS CyberSecurity, LLC www.sbscyber.com

42