Why you shouldn’t rely on built-in MFA

Multi-Factor Authentication is a must-have layer of security for your accounts. However, increased reliance is making it a prime target for attackers. At onPlatinum, we rely on third-party providers to protect your accounts, instead of built-in authentication.

third-party MFA
Posted on: September 21st, 2020 onPlatinum

A growing number of organisations are relying on cloud technologies, with more staff working from home. Multi-Factor Authentication (MFA) is an additional must-have layer of security for your accounts. However, this increased reliance on MFA is making it a prime target for attackers to exploit and gain access to accounts and corporate networks. Here at onPlatinum, we do not rely solely on the built-in MFA that many websites or applications offer, such as Microsoft who’s recent bug was exploited.

Microsoft MFA bug exploited

A bug in Microsoft’s MFA system has opened the door for hackers to access cloud applications. According to researchers at Proofpoint, an attacker could use the bug to gain access to a user’s account, including mail, files, contacts, data and more. The vulnerability could also be used to access other Microsoft cloud services, such as Visual Studio and Azure.

We rely on Duo for your MFA

onPlatinum use a third-party provider DUO to protect your accounts. By working with a company that solely focuses on security, it ensures that users, devices and applications are safeguarded. Their purpose-built infrastructure and highly experienced team bring peace-of-mind and reliability.

DUO’s two-factor solutions are designed with security in mind – passwords are never stored, and public and private keys are stored in different locations. Their ‘zero trust’ approach means that no one is trusted from inside or outside the network, with verification required for every access request. The approach is dynamic and changes with your evolving business environment. Duo ensures that only the right users and secure devices can access applications.

They have a strong focus on device trust, with visibility into every device on the network and device health checks at every login attempt. Users can take responsibility for the health of their devices, with reminders for software updates and the ability to block out-of-date devices from accessing company resources.

Combining MFA with email sanitation and endpoint protection, onPlatinum can mitigate risks and attacks to secure our cloud environments. Protect your people, data and brand from the latest threats with onPlatinum’s security services.

Get peace of mind on the cloud with onPlatinum’s security.

Back to all blog posts

What our clients say