Why are we hearing more about Multi-Factor Authentication (MFA) and how can it protect you?

What is it?

MFA stands for Multi-Factor Authentication. It is the process of accessing a system or application by verifying who are you with more than just the two items of your username and password that have been the standard up until now. With MFA enabled, you are now prompted for three items to verify your identity.

 

First, you are prompted for who you are (your username). Secondly, you provide something only you should know (your password), and thirdly, you provide something only you HAVE access to (a one-time code on your phone).

 

The “something you have” - the code on your phone - is an app on your mobile device (e.g. Microsoft Authenticator, Google Authenticator, Duo) or a text message-issued six-digit code sent to your mobile phone and then entered during the sign-in process. These authentication codes are short lived and expire quickly so that they are always unique and changing for maximum security. Verifying your identity through your mobile device which you HAVE with you is the most important layer as a hacker will not have access to your physical mobile device. The combination of these three items is what creates the “multi-factor authentication”. 


What does MFA do for security and why is this better? 

Let’s first talk about what happens when you don’t have MFA configured. Attackers can easily obtain the most basic things about you and your account…your full name and email. This information is easily available online through many sources (LinkedIn, your website, and/or social media). With that information in hand, they only need to crack your password…which may not be too difficult. How complex is your password? If it’s too short, attackers may crack your password within seconds utilizing password cracking tools that are readily available on the internet. Or perhaps they send you an email with an attachment that, when you try to open it, it runs malicious code that allows them to obtain your password or that gives them access to your device. The attackers now have your identity AND your password. Nothing else stands in their way. 

 

However, if you had MFA set up on your account, they would NOT be able to access your account even if they know your identity and password because they do not have access to what you HAVE (the one-time, personal authentication code on your MFA app or the text message code on your mobile device that is valid briefly for that login). The result: the attacker is denied access. 


Where should MFA be enabled?

Ideally, MFA should be implemented for ALL externally-accessed systems. Additionally, MFA should be implemented for administrative access to your internal servers. Below are some examples where MFA should be enabled; it is not an exhaustive list. Anywhere MFA can be enabled, it should be. 

  • Cloud & Software as a Service (SaaS):
  • QuickBooks
  • Sage Accounting
  • Payroll / HR Solutions
  • Google Drive / G-Suite
  • Dropbox
  • Microsoft 365
  • Remote Access:
  • VPN Connectivity
  • Remote Desktop / Terminal Servers
  • Citrix
  • Social Media and Marketing Tools:
  • Facebook
  • LinkedIn
  • MailChimp
  • Constant Contact

 

Implementing Multi-Factor Authentication is an absolute necessity in order to protect your business from the variety of threats that exist today. If you do NOT implement MFA and you experience a breach or ransomware event, your Cybersecurity Insurance will likely NOT cover your loss or pay the ransom to regain access to your data and systems. The time to enable MFA is now.

More Recent News

Windows 10 End of Life Is Here—But You Don’t Have to Face It Alone

September 22, 2025
The Walker Group can help you reduce risk, extend protection, and upgrade with confidence.

Meet The Team: Christian B.

By Website Editor September 10, 2025
Meet Christian, one of our OnCall Specialists. He's been a part of the Walker Group family for 2 years. We sat down with Christian to learn more about what he likes to do outside of work, how he spends his time, and his favorite parts of working in the IT field.

The Walker Group & Green Monster Recycling Announce 5th Annual e-Waste Recycling Event

August 1, 2025
FOR IMMEDIATE RELEASE: The Walker Group & Green Monster Recycling Announce 5th Annual e-Waste Recycling Event Farmington, CT – August 1, 2025 – The Walker Group, in collaboration with Green Monster Recycling, is proud to host its 5th Annual e-Waste Recycling Collection on Wednesday, October 15, 2025, from 11:00 AM to 4:00 PM at 20 Waterside Drive, Farmington, CT. This free community event invites residents, businesses, and anyone with outdated electronics to join a joint mission for sustainability, clean energy, and environmental awareness. “Technology moves fast, and so does the waste it leaves behind,” said Diana Sutcliffe, Business Operations and Marketing Director at The Walker Group. “We’re proud to provide a safe, simple way for our clients and the community to dispose of their electronics responsibly—while also building awareness and community spirit.” What’s on deck for the event: Responsible drop-off of electronics including computers, monitors, TVs, cell phones, tablets, and other devices. Assistance from The Walker Group volunteers to help unload your vehicle for a seamless experience. Raffle prizes, kid-friendly games, and refreshments to make the day enjoyable for all ages. RSVP options available for large or bulky items to ensure we’re prepared for your needs. Why it’s important: Electronics contain materials like lead, mercury, and arsenic which can be harmful if improperly discarded. Recycling ensures that these components are handled safely, rare metals are recovered, and waste is diverted from landfills. This event aligns with The Walker Group’s ongoing commitment to environmental stewardship and community engagement. Who should attend: Everyone from individual households with a single device to businesses with large volumes—if you’ve got electronics to recycle, we welcome you! How to participate: RSVP on our website , especially if you plan to bring bulky or heavy items. Collect your unwanted electronics. Drive to 20 Waterside Drive, Farmington, CT on October 15 between 11 AM and 4 PM. Drop off, enjoy the activities, maybe win a raffle prize, meet The Walker Group team and support a greener future. For more information visit: https://www.thewalkergroup.com/e-waste-recycling-event-2025 or send email inquiries to Recycling@thewalkergroup.com
Show More