{"id":5212,"date":"2021-01-11T08:30:58","date_gmt":"2021-01-10T19:30:58","guid":{"rendered":"https:\/\/kinetics.co.nz\/?p=5212"},"modified":"2021-01-11T08:30:58","modified_gmt":"2021-01-10T19:30:58","slug":"cyber-risk-mitigation-why-multi-factor-authentication-mfa-is-vital-but-not-enough","status":"publish","type":"post","link":"https:\/\/new.kinetics.co.nz\/?p=5212","title":{"rendered":"Cyber-risk mitigation – why Multi-Factor Authentication (MFA) is vital, but NOT enough"},"content":{"rendered":"\n[et_pb_section fb_built=”1″ _builder_version=”4.16″ _module_preset=”default” custom_padding=”0px|||||” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_row _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_column type=”4_4″ _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_text _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”]

We keep making the point that nothing can guarantee you won\u2019t be hacked. But you can, and must, mitigate your cyber-risk.<\/strong><\/p>\n

We think tools like Multi-Factor Authentication is crucial for protecting your IT systems \u2013 and MFA should be on EVERYTHING you use \u2013 your email and documents (Office 365), your financials (e.g. Xero), your CRM tools, your marketing software \u2013 even if it\u2019s only accessed via a browser.\u00a0 We view it as a duty to your colleagues, clients and suppliers to help protect their data.<\/p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=”2_3,1_3″ _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_column type=”2_3″ _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_text _builder_version=”4.16″ _module_preset=”default” header_2_font=”|700|||||||” header_2_text_color=”#3EC940″ global_colors_info=”{}” theme_builder_area=”post_content”]

But, MFA is NOT enough by itself.<\/span><\/h2>\n

Security needs to be layered<\/strong>. \u00a0It is much like home security: key lock, deadlock,\u00a0chain\/bolt, alarm and now cameras.\u00a0 Each layer adds an obstacle, but that is all they are. None of them alone will stop someone going in. It hopefully turns them away to find an easier target.<\/p>\n

None of us would tell our family,\u00a0\u201cYou are safe as we have a key lock.\u00a0 There is no need for a chain or alarm.\u201d<\/em>\u00a0 MFA is the same. \u00a0Like a good deadlock, it has strength, but it is not infallible. If you doubt me, the book\u00a0<\/span>\u201cHacking Multifactor Authentication\u201d\u00a0<\/em>by Roger A. Grimes, will step you though 50 ways to get around MFA. \u00a0That does not mean that MFA should not be used anymore than you would not install a deadlock because people can still kick a door open.<\/p>\n

It does mean that you must be very careful when you hear anyone say,\u00a0\u201cI don\u2019t want to do all those things \u2013 c<\/em>an I just do one? What is the one thing that will make me secure?\u201d<\/em>\u00a0<\/span>\u00a0The reality is that you need a combination of defenses, which keeps growing and unfortunately gets more expensive as each weapon needs a license and needs to be maintained.<\/p>[\/et_pb_text][\/et_pb_column][et_pb_column type=”1_3″ _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_image src=”http:\/\/kinetics.co.nz\/wp-content\/uploads\/2021\/02\/51N1mEke8WL._SX397_BO1204203200_-240×300-1.jpg” title_text=”51N1mEke8WL._SX397_BO1204203200_-240×300″ _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_column type=”4_4″ _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_text _builder_version=”4.16.1″ _module_preset=”default” header_2_font=”|700|||||||” header_2_text_color=”#3EC940″ hover_enabled=”0″ global_colors_info=”{}” theme_builder_area=”post_content” sticky_enabled=”0″]

\n

The protections that seemed excessive a year ago are now inadequate.<\/span><\/h2>\nOur\u00a0<\/span>KARE for Security<\/a><\/span>\u00a0<\/span>is now the base standard of tools.<\/strong>\u00a0 We have spent the last six months researching and evaluating further weapons for your cyber defence and, this January 2021, we are releasing an enhanced plan that builds on KARE for Security with additional protections.\n\nFYI: There are now 51 ways to hack MFA and they range from very sophisticated to simple users hacks. \u00a0Here it is, easy to find, on Amazon!\nhttps:\/\/www.amazon.com\/Hacking-Multifactor-Authentication-Roger-Grimes\/dp\/1119650798<\/a><\/span>\n\n<\/div>\n
\n
<\/div>\n<\/div>\n