Most business leaders have accepted the notion that passwords alone are not enough to keep their data and systems safe. Amid the growing risk of credential stuffing, phishing scams, and other cybersecurity threats, technology leaders are turning to multi-factor authentication (MFA) as a first line of defense. MFA grants users access to accounts and applications only when they prove their identity in two or more ways — not just through a password but also a security code, fingerprint, face scan, hardware key, or other validation mechanism. MFA is so effective that it can head off up to 90% of cyberattacks.
IT leaders eager to reap the benefits of MFA often want to enact a one-size-fits-all solution in a single swoop. That mentality is understandable, but it can lead to disrupted workflows, resentful employees, and aborted adoption efforts. Instead, the key to sustainable and effective MFA implementation is to meet your workforce where they are.
Three Steps to Full Adoption of MFA
Here are best practices to make your MFA strategy work for the long haul:
- Know your workforce
It can be tempting for leaders to look for a single “switch” to flip to enable MFA for their entire workforce. Yet it’s rare for large organizations, whether public or private, to have just one type of worker using a singular authentication process. More often, employees in various roles and locations, and contractors, touch vital systems and applications. The first step for an IT leader should be to understand what the workforce at your company looks like, how they engage with critical technology, and where risks lie.
The majority of employees may be desk workers who can sign on to a single platform for the entire day. A subset of workers may even log in on personal or company-issued phones. Even if the majority of your workers fall into a certain category, you’ll never have 100% coverage with MFA if you’re not willing to accommodate the smaller use cases.
- Offer options that fit into existing workflows
Once you have a handle on the shape of your workforce, offer an array of MFA solutions tailored to how your various employees are already working. First, identify if pockets of the organization are already using MFA, such as a hardware security key or mobile phone app. Look for ways to recycle those methods across other systems and departments in order to minimize disruptions and mental load for employees. Next, assess the central control points that fit the modes of work you’ve uncovered and could be venues for MFA. That could mean a single sign-on system for desk workers, a handheld device for people stocking shelves, mobile phones for those in the field, or security keys for those on a shop floor. Instead of forcing a single piece of technology on all teams, building on existing solutions and providing options that fit a variety of workflows makes it more likely that MFA will work for everybody.
- Make it easy for admins
The people who oversee MFA typically have many other functions to juggle, and change can be daunting for anyone. Once you’ve settled on solutions, invest in creating the right learning materials and enablement support that will help admins facilitate a smooth transition. The products themselves should be easy to use, with understandable, meaningful, and documentable controls that enable optimal outcomes with the least number of clicks. At the same time, solutions should have enough flexibility to address complex use cases through a tailored approach.
Secure Systems, Peace of Mind
Many business leaders have committed to the goal of enabling MFA across their organizations, but painting with a broad brush isn’t likely to achieve 100% adoption. One-size-fits-all implementations that place an undue burden on your workforce, or get in the way of serving customers, will lead to dissatisfaction or soon be discarded. Providing user-friendly solutions tailored to existing workflows is the key to making full-scale adoption of MFA a reality. By meeting your workforce where they are, you can make a massive leap in protecting your business and customers.