Why your company needs multifactor authentication

by | May 24, 2023

ARTICLE | May 24, 2023

Multifactor authentication (MFA) is becoming increasingly important as a security tool. Just five to 10 years ago, not many companies used MFA. Instead, organizations relied on passwords to control access to applications, data and devices.

However, these passwords became longer and harder to remember and manage. Companies forgot to change default passwords. Cybercriminals also became experts at cracking passwords.

In the wake of these developments, MFA has become the standard for identity and access management as part of a layered approach to security.

What is multifactor authentication?

MFA is a way of identifying and verifying the authority of a user immediately using a secondary method of authentication. Typically, MFA verifies the identity of users based on something they know, have or are. For example, the secondary factor could be a token, a single-use code or a biometric, such as a fingerprint or a facial scan.

An MFA strategy can be used as part of a zero-trust  approach to security. Zero-trust security follows the principles of “never trust; always verify,” which are supported by the way MFA promotes identity and access management.

MFA adds another layer to a company’s defenses by ensuring that the users connecting to business resources are employees and not bad actors.

Why MFA is crucial now

MFA has become a requirement for many companies. For example, the Federal Trade Commission requires that financial institutions use MFA to safeguard sensitive financial data. Now the FTC is extending these requirements to any company that deals with customer financial information. For example, car dealerships would be subject to the requirement because they run credit checks on customers.

Under these criteria, companies in most industries will need MFA eventually. Cyber insurance providers also require that companies use MFA in order to qualify for a new or renewal policy.

Use cases for MFA are also expanding. While MFA previously focused on virtual private network logins for remote workers, now it’s being used for administrator accounts. When admins log into servers, they receive another prompt.

Today, MFA is used not only on the edge of the network but also within the network environment. Access can be controlled based on job role to prevent employees from using resources that aren’t needed for them to do their jobs.

What you need from MFA

Not all MFA solutions are created equal. For example, Cisco Duo has additional features and functionalities that its competitors don’t provide. With Duo, single sign-on addresses the complaints of employees who become tired of jumping through multiple hoops to access the resources they need.

A good MFA platform should also have risk-based authentication, in which the authentication process adjusts to match the risk level. As hackers get wise to MFA, they try to work around it. Some MFA users will experience push fatigue. If hackers keep trying, eventually the user will accept the login just to stop getting notifications.    Risk-based authentication mitigates risk by looking at the location or time of an access attempt and denying the login until authority can be established.

MFA: Part of the bigger security picture

Like most security solutions, MFA isn’t a silver bullet but part of an overall security strategy. Your company needs an advisor with the security knowledge and experience to fine-tune your security policies and develop a holistic approach to IT security.

As one of the largest Cisco-certified managed service providers, RSM can help your company develop a security strategy supported by Duo and other leading security technologies. With over 10,000 Duo clients and customers and as an early adopter of this solution, we have the knowledge and experience needed to ensure your business gets the most out of Duo.

Questions or Want to Talk?

Call us directly at 972.221.2500 (Flower Mound) or 940.591.9300 (Denton),
or complete the form below and we’ll contact you to discuss your specific situation.

  • Should be Empty:
  • Topic Name:

This article was written by RSM US LLP and originally appeared on 2023-05-24.
2022 RSM US LLP. All rights reserved.

RSM US Alliance provides its members with access to resources of RSM US LLP. RSM US Alliance member firms are separate and independent businesses and legal entities that are responsible for their own acts and omissions, and each are separate and independent from RSM US LLP. RSM US LLP is the U.S. member firm of RSM International, a global network of independent audit, tax, and consulting firms. Members of RSM US Alliance have access to RSM International resources through RSM US LLP but are not member firms of RSM International. Visit rsmus.com/aboutus for more information regarding RSM US LLP and RSM International. The RSM(tm) brandmark is used under license by RSM US LLP. RSM US Alliance products and services are proprietary to RSM US LLP.


KHA Accountants, PLLC is a proud member of RSM US Alliance, a premier affiliation of independent accounting and consulting firms in the United States. RSM US Alliance provides our firm with access to resources of RSM US LLP, the leading provider of audit, tax and consulting services focused on the middle market. RSM US LLP is a licensed CPA firm and the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with more than 43,000 people in over 120 countries.

Our membership in RSM US Alliance has elevated our capabilities in the marketplace, helping to differentiate our firm from the competition while allowing us to maintain our independence and entrepreneurial culture. We have access to a valuable peer network of like-sized firms as well as a broad range of tools, expertise, and technical resources.

For more information on how KHA Accountants can assist you, please call 972.221.2500.

It’s Lonely at the Top

Explore the three key factors contributing to the isolation often felt by CEOs and business leaders. Learn how our Dynamic Business Advisory service can provide the necessary context and expertise to help you navigate complex business decisions.

Bake’s Takes Volume 1, Issue 2

Dive into Bake’s Takes, a monthly roundup of the best leadership reads, curated by Strategic Consulting Partner, Jonny Baker. This edition explores decision-making dynamics, coaching strategies for rookies and veterans, and the journey to authentic leadership. Join us to equip yourself with insights from Jonny Baker, fostering vision, alignment, and execution in your leadership role.

The journey to 2025 tax reform begins

House Ways & Means Committee Chairman Jason Smith (R-MO) and House Tax Subcommittee Chairman Mike Kelly (R-PA) recently announced the formation of 10 “Committee Tax Teams”. Each team will address key tax provisions from the 2017 Tax Cuts and Jobs Act (TCJA) that are set to expire in 2025 and identify legislative solutions.

Tax Tip – IRAs for Young Adults

As we navigate the complexities of financial planning, one opportunity stands out for young adults: individual retirement accounts (IRAs). With the 2023 tax-year contributions deadline fast approaching on April 15, 2024, now is the perfect time to consider how you can leverage an IRA.

New Crypto Rules Likely Coming

If you invest or trade in Bitcoin, non-fungible tokens (NFTs), Stablecoins, or other digital assets, prepare for sweeping new tax reporting requirements.  Congress wants the IRS to crack down on taxpayers who buy and sell crypto but don’t report or pay tax on their gains.