Multi-factor authentication and cyber-insurance

Matt Franklin at UK insurance broker Russell Scanlan explains the importance of considering cyber-breach cover, and at the same time adding Multi-Factor Authentication to IT systems

For years the insurance industry has been unwavering and even strident in its support for cyber-security protection. It has warned of the growing sophistication of cyber-criminals and that, although only the larger, big brand, enterprises make the media headlines when hijacked, it is businesses of all sizes across all sectors that are targeted.

Now, the insurance industry is putting its digital foot down.

At Russell Scanlan we encourage all businesses to consider-cyber-insurance protection. The impact of a breach is potentially devasting. However, the introduction of multi-factor authentication is also important as it provides a simple but robust level of protection that many firms can implement.

Some insurers are now insisting or highly recommending that it is adopted as part of a standard cyber-security insurance requirement. 

What exactly is MFA?

Multi-factor authentication is a security process that requires users to provide two or more forms of identification to access an account or device. This can include something you know (like a password), something you have (like a mobile phone or security token), or something you are (like a fingerprint or facial recognition).

By requiring multiple forms of identification, MFA makes it much more difficult for cyber-criminals to gain unauthorised access to accounts or devices.

So why is cyber protection so important for businesses in 2023? And what are the benefits of MFA?

According to a recent study by IBM, the average cost of a data breach in 2022 was £3.53 million, with 28% of breaches involving remote work. Inevitably, when employees are working from home, they are often using devices and networks that are not as secure as those provided in an office environment – which leaves them vulnerable to hackers.

A good cyber-security policy can significantly reduce the risk of cyber-attacks, even if employees are working from home. A recent research carried out by Microsoft, found that 99.9% of cyber-attacks can be blocked by using MFA.

Another benefit of adding MFA to a cyber policy is that it can help comply with regulations and standards, such as the General Data Protection Regulation (GDPR) and the Payment Card Industry Data Security Standard (PCI DSS). These regulations require businesses to take certain steps to protect sensitive data, including using MFA for remote access.

How does MFA work in practice?

If, for example, you need to log into a company email account from a home computer, you would provide a username and password as normal but would then also be prompted to provide a second form of identification, such as a code sent to your mobile phone.

Some MFA systems can also detect unusual login attempts, such as someone trying to access an account from a different country and will then send an alert to a phone or email.

MFA can also have other benefits. Employees are less likely to forget their passwords or be locked out of their accounts, saving time and increasing productivity. A recent study by Yubico, found that the average employee spends over 10 hours per year dealing with password-related issues, such as resetting forgotten credentials.

And there’s also advantages of increased trust, compliance, reduced operating costs, streamlined mobile transactions, negated password fatigue, and simplified login processes. 

Of course, like any security measure, adding cyber-insurance policies and MFA to your business does not make your systems fool proof. Hackers are constantly developing new techniques to bypass security measures, so the need for cyber-security cover is always recommended. 

But the general message is clear, adopting a cyber-insurance policy can only benefit your business online. And adding MFA will protect your data and your business even further.

Matt Franklin is a Director at UK insurance broker, Russell Scanlan.

Main image courtesy of iStockPhoto.com