Identity attacks threaten organizations every day. In the wake of COVID-19, more hackers are taking advantage of the new challenges brought on by the pandemic through fraud schemes, email phishing and compromising user access. Hospital employees continue to be one of the biggest targets for phishing, with hackers consistently targeting user credentials to gain access into a system.
Take a look at this research found by Microsoft, there are currently:
- 4,000 daily ransomware attacks
- 300,000,000 daily sign-in attempts
- 167,000,000 daily malware attacks
The reason cyber criminals are so successful is that they gain easy access through the use of weak, default, or stolen passwords. Consider it yourself – how often do you reuse the same password for multiple logins?
Even if password resets are in place for every few months, many times, users will simply add a number or character to their existing password because they can’t come up with – and remember – a new password for every application they use.
With all that in mind, the following statistics are no surprise:
- 81% of breaches are caused by credential theft
- 73% of passwords are duplicated
- 50% of employees use apps that aren’t approved by the enterprise
Fortunately, Microsoft’s researched revealed that one simple action can prevent 99.9 percent of automated cyber attacks on Microsoft platforms, websites, and other online services – that simple action is implementing multi-factor authentication (MFA).
MFA is more critical now than ever before, since hospitals have shifted some of their staff to remote-style working in response to COVID-19. When employees transition to working remotely, their home networks are not as secure as a hospital’s network, which makes it easier for hackers to tap into a Wi-Fi connection or home network to gather information. That’s why hospitals must implement processes like MFA to validate that users requesting access to various systems are who they're claiming to be.
So, how does multi-factor authentication work? MFA provides at least one extra layer of authentication when logging into an account, beyond just your username and password combination.
A common form of MFA (or sometimes referred to as two-factor authentication) is when a user logs into an application like their email with their credentials and is then sent a numeric code to their phone that they’d need to enter before they can fully log in. This extra layer of security makes it incredibly difficult for hackers to get past because simply knowing or cracking a password isn’t enough to gain access.
As the healthcare industry continues to shift towards greater data access, experts urge organizations to use caution and ensure proper security measures are in place.
Multi-factor authentication is one of the simplest steps you can take to create additional layers of security.