TechTalk – What is Multifactor Authentication and Microsoft Conditional Access and why you should care. Multifactor Authentication

You have probably come across Multi factor Authentication already without knowing it. It’s what happens when you log on to say an email account and enter your password, then you must enter another number sent to you typically via text message or email. It’s that second piece of info that’s the ‘multi’ in ‘multi-factor authentication’.

The reason you have it is to try to make sure that only the person who knows the password and the code can gain access to your account. So, a hacker would need both these pieces of information to access your account and given he doesn’t have your mobile phone it’s safe!

Why should you care? Well, for the same reason you don’t leave your house unlocked with the windows open when you go out. You only want someone with the right key to get in. Whilst the house analogy plays out well, when it comes to your email account login you want to really make sure no-one else can access this because if they do, they can use it to reset lots of other online accounts you have. And from there they can go on to commit fraud and other crimes.

Of course, in the business context, if your Microsoft 365 account is hacked, they can also go on to commit more serious offences like crimes against the company, data theft, fraud, send SPAM emails purporting to come from you, and so on.

Conditional Access

Conditional Access is about further controls over access to your Microsoft account. Here we are talking about only allowing users to logon to their Microsoft account from PC’s and laptops which have been approved or set by the business. So, they couldn’t go home and logon to OneDrive for Business using their own personal PC or laptop.

Why is this important you ask? Because if they could do this then there is the opportunity for users to download data from your OneDrive for Business area to their own PC, at which point you’ve lost control of your data. If this was payroll data or personal data for example, then you can see there would be a GDPR issue straight away.

Finally, Conditional Access can go further, and you can block attempts to login to your account from certain countries. If you only operate in the UK for example, why wouldn’t you want to block all logons attempted from outside the UK? This will greatly reduce the number of opportunities for hackers to hack into your account.

Conclusion.

So, Multi-factor authentication and Conditional access should be the de-facto default settings for your Microsoft 365 accounts. Once set up, these essential techniques can protect your OneDrive tenancy, keep your data safe for hackers or employees and protect your brand.

For more information and a demo of OneDrive, please contact RMT Technology 01912569550