1. Our Approach
  2. Solutions
  3. Insights
  4. About Us
  5. Careers

120 Waterfront Street, 5th floorNational Harbor, MD 20745

Contact Us
All Insights
All Insights NewsBlogResults
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

When MFA Is Not Enough – 5 Easy and Essential Steps for Hardening Our Identities

by Katie Bates
by Katie Bates
April 24 Blog

Sitting at the computer, brow furrowed, you try desperately to remember what you told that website your favorite sea animal was when you set up this account five years ago.  Somewhere in the back of your mind, an image emerges of a pair of otters holding hands.  “Otters,” you whisper, and you’re granted access to your account.

Every time you’ve needed to give your mother’s maiden name or try to recall the address of your childhood home to access an account, you’ve used multi-factor authentication (MFA).  MFAs generally require two or more pieces of information that help confirm your identity and may include:

  1. Something you know – like your password, your favorite sea animal, or your high school mascot
  2. Something you have – like a key, a physical USB security token, or your phone’s authentication app
  3. Something you are – like your fingerprint, face, voice, or other biometric

Including verifications from multiple categories makes it harder for someone to fraudulently gain control of your account.  Sounds easy, right?

In practice, however, it gets a little more complicated.  The sheer amount of personal data that can be bought and sold on the web makes it easier than ever for malicious actors to find, for example, your childhood address and breach these “something you know” security measures.  Brute force attacks that are able to rapidly guess randomly generated numbers make it easy to crack any 4-digit code your bank sends via SMS text message.  Artificial intelligence is even making it easier to impersonate someone’s voice to gain access to accounts that require voice-matching MFAs by manipulating publicly available video recordings.  Simply put, this generation of MFA technology isn’t going to protect you against modern hackers.

But, don’t worry.  There’s hope!  In a recent roundtable discussion at the Microsoft Secure conference, leading experts offered five ways to strengthen your security posture when it comes to verifying someone’s identity online.

  1. Harden Your Current MFA – Ensure that everyone who uses the system is required to complete multi-factor authentication. Retire weak MFA options like SMS and Voice in favor of passwordless, phising-resistent methods like Windows Hello facial recognition.
  2. Conditional Access – Leverage the power of Azure Active Directory (AD) to establish rules that govern access to the environment and restrict access requests coming from unknown or unverified locations, devices, or applications. And even when these conditions are met, require MFA.
  3. Privileged Identity Management – Not everyone needs to be an administrator, and even those that do rarely need to be an administrator forever. Privileged Identity Management (PIM) removes vulnerable carte blanche permissions by eliminating privilege-based standing access.  Instead of a one-time credentials token download, PIM would require all security tokens to be scrubbed from the device at the end of the session, ensuring that an unmonitored device cannot be hacked to gain that credential. Roles must be requested and approved by a third party with a business justification before that role is granted for a limited time.  Role- and time-bound access parameters help keep your log-in secure.
  4. Azure Active Directory Identity Protection – Enforce risk policies that can guard and automatically block a user for activities such as impossible travel, logging in via Tor Browser, or logging in from a suspicious IP address.
  5. Attack Simulation – At the end of the day, your environment is only as secure as the people who use it. By taking an active effort in educating your user base, you can help users understand their role in protecting data and identities; raise security awareness; and instill more conscious and cautious behavior when working with applications.  Phishing attack simulators, like those in Microsoft Defender for Office 365, allow you to send out would-be malicious requests and determine whether your team is responding appropriately.
Katie Bates
Author

Katie grew up in Alabama, where sweet tea flows freely and seasons are marked by their proximity to college football (Roll Tide). After graduating from a small liberal arts college, she moved to Washington, DC and balanced her life between restaurant management, freelance cocktail consulting, and finishing her Ph.D. at American University’s Behavior, Cognition, and Neuroscience program.  Central to her success in each of these arenas was (a) an ability to proactively prioritize and organize complex projects with many moving parts, (b) a detail-oriented focus on keeping everything on track, and (c) a commitment to seeing each project through to completion.  Katie has now brought these skills to Cloudforce as a Project Manager, where she works with clients to ensure that their needs are addressed on time and under budget, and with a result that exceeds expectations.  

Recommended for you.

Here is what our Customers are saying.

  • “Biggest surprise was that there were no surprises. There’s always gonna be a speed bump…but not in this case...it was freshly paved road."

    James Corrao Director IT, Anderson Equipment Company

  • “Cloudforce’s expert assistance enabled us to transition fully to the virtual environment of Teams—without any hiccups! This has improved our communications tremendously and reduced our cost of operations.”

    Jignesh Dalal CEO, Vesta Inc.

  • “Cloudforce has given us the confidence that we’re doing things properly—they’ve taken away any hesitation or concern.”

    Lorin Sholander CEO, Adoption-Share

  • “Our CEO considers what Cloudforce and Anderson have done together to be a competitive advantage.”

    James Corrao Director IT, Anderson Equipment Company

  • “We couldn’t be happier with the work performed by Cloudforce. They completed the project on time, on spec, and at a cost that was extremely fair and reasonable. I would absolutely recommend Cloudforce to any company with similar needs.”

    Steve Napper CEO, K2 Contracting Group

  • “Cloudforce’s expert assistance enabled us to transition fully to the virtual environment of Teams—without any hiccups! This has improved our communications tremendously and reduced our cost of operations.”

    Jignesh Dalal CEO, Vesta Inc.

  • “I have had the pleasure of working with the (Cloudforce) team for the last 5 years and have been more than satisfied with their service and staff. They are very personable, responsive, courteous and thorough with their explanations. Most importantly, they listen! Not being very savvy when it comes to technology, they are patient in trying to understand my wants and desires with changes to my system(s). Each encounter, no matter the team member, has been not only pleasant, but informative and enjoyable.”

    Kathy Yeldell Director, Member Quality Services, AFSPA

  • "Cloudforce brought their top SMEs and their A-game to the table to help us dig out of the customization hole that a previous consultant had landed us in. They have dramatically helped us turn the corner by bringing our SharePoint environment back to where it should be."

    Maha Rifai Harrison Manager, System Solutions, Hill International

  • “I really enjoy working with Husein and his team at Cloudforce. He’s helped us quickly and efficiently with a number of problems that would have been very hard for us to solve.”

    Stephen Brooks Founder and CEO, SHBrooks

  • “Our company became a Cloudforce client to migrate our IT Systems, primarily our client accounting systems, to the cloud. Cloudforce provided us with a comprehensive analysis of how to address our needs and within a price we could live with. We could not be more impressed with the results and throughout the process have always found Cloudforce technicians to be professional, knowledgeable, and trustworthy. And, the service after installation is phenomenal. When it comes to cloud migration and IT Support, Cloudforce offers a proactive and complete solution. We look forward to continuing our partnership.”

    Gregory Cheseman President, The Daimler Waterford Group

  • “They’re not just your typical IT company. They’re able to offer solutions beyond what we could even imagine.”

    Kyle Longton COO, AFSPA

  • "Cloudforce has assisted us in various projects over the last few years. They are always professional and thorough and we have full confidence that they will deliver as expected."

    Adi Englander Senior Vice President, IT-Enterprise Solutions, JBG Smith

  • “Partnering with Cloudforce has been an awesome experience. They continue to deliver a team of talent that adds insight and value to my clients and produces results on every project. They have truly become my go to partner.”

    Karen Swain President and CEO, Excelous

  • “Excellent, trustworthy, and comprehensive … Cloudforce is an extension of the organization.”

    Paula S. Jakub CEO/EVP, AFSPA

  • “We have gone from a system that some would say was very archaic to one that is, by far, more productive.”

    Yancy Meiller Manager of IT, AFSPA

  • "As we approach the eighth anniversary of our relationship with you all, I remain as happy as ever that we forged a partnership and have been able to look to you for help and support. I look forward to many more years to come."

    Kyle Longton CAE, REBC, Chief Operating Officer, AFSPA

  • "Cloudforce’s knowledge of the Microsoft ecosystem is unparalleled. The quality of technical talent is incredible and rarely seen in my 30 years being a CTO. In addition, Cloudforce has strong business analysis skills which augment their fast and accurate delivery of solutions."

    Raj Patel Vice President of Enterprise Solutions, HITT Contracting, Inc.

Our Customers.

Your turn.

So enough about us, let’s talk about you! Submit this form and we’ll reach out to discuss how cloud solutions can make your business work faster, safer, and smarter.

    • This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

    120 Waterfront Street, 5th floorNational Harbor, MD 20745 202.803.6500