Why your company needs multifactor authentication

by | May 24, 2023

ARTICLE | May 24, 2023

Multifactor authentication (MFA) is becoming increasingly important as a security tool. Just five to 10 years ago, not many companies used MFA. Instead, organizations relied on passwords to control access to applications, data and devices.

However, these passwords became longer and harder to remember and manage. Companies forgot to change default passwords. Cybercriminals also became experts at cracking passwords.

In the wake of these developments, MFA has become the standard for identity and access management as part of a layered approach to security.

What is multifactor authentication?

MFA is a way of identifying and verifying the authority of a user immediately using a secondary method of authentication. Typically, MFA verifies the identity of users based on something they know, have or are. For example, the secondary factor could be a token, a single-use code or a biometric, such as a fingerprint or a facial scan.

An MFA strategy can be used as part of a zero-trust  approach to security. Zero-trust security follows the principles of “never trust; always verify,” which are supported by the way MFA promotes identity and access management.

MFA adds another layer to a company’s defenses by ensuring that the users connecting to business resources are employees and not bad actors.

Why MFA is crucial now

MFA has become a requirement for many companies. For example, the Federal Trade Commission requires that financial institutions use MFA to safeguard sensitive financial data. Now the FTC is extending these requirements to any company that deals with customer financial information. For example, car dealerships would be subject to the requirement because they run credit checks on customers.

Under these criteria, companies in most industries will need MFA eventually. Cyber insurance providers also require that companies use MFA in order to qualify for a new or renewal policy.

Use cases for MFA are also expanding. While MFA previously focused on virtual private network logins for remote workers, now it’s being used for administrator accounts. When admins log into servers, they receive another prompt.

Today, MFA is used not only on the edge of the network but also within the network environment. Access can be controlled based on job role to prevent employees from using resources that aren’t needed for them to do their jobs.

What you need from MFA

Not all MFA solutions are created equal. For example, Cisco Duo has additional features and functionalities that its competitors don’t provide. With Duo, single sign-on addresses the complaints of employees who become tired of jumping through multiple hoops to access the resources they need.

A good MFA platform should also have risk-based authentication, in which the authentication process adjusts to match the risk level. As hackers get wise to MFA, they try to work around it. Some MFA users will experience push fatigue. If hackers keep trying, eventually the user will accept the login just to stop getting notifications.    Risk-based authentication mitigates risk by looking at the location or time of an access attempt and denying the login until authority can be established.

MFA: Part of the bigger security picture

Like most security solutions, MFA isn’t a silver bullet but part of an overall security strategy. Your company needs an advisor with the security knowledge and experience to fine-tune your security policies and develop a holistic approach to IT security.

As one of the largest Cisco-certified managed service providers, RSM can help your company develop a security strategy supported by Duo and other leading security technologies. With over 10,000 Duo clients and customers and as an early adopter of this solution, we have the knowledge and experience needed to ensure your business gets the most out of Duo.

Questions or Want to Talk?

Call us directly at 972.221.2500 (Flower Mound) or 940.591.9300 (Denton),
or complete the form below and we’ll contact you to discuss your specific situation.

  • Should be Empty:
  • Topic Name:

This article was written by RSM US LLP and originally appeared on 2023-05-24.
2022 RSM US LLP. All rights reserved.

RSM US Alliance provides its members with access to resources of RSM US LLP. RSM US Alliance member firms are separate and independent businesses and legal entities that are responsible for their own acts and omissions, and each are separate and independent from RSM US LLP. RSM US LLP is the U.S. member firm of RSM International, a global network of independent audit, tax, and consulting firms. Members of RSM US Alliance have access to RSM International resources through RSM US LLP but are not member firms of RSM International. Visit rsmus.com/aboutus for more information regarding RSM US LLP and RSM International. The RSM(tm) brandmark is used under license by RSM US LLP. RSM US Alliance products and services are proprietary to RSM US LLP.


KHA Accountants, PLLC is a proud member of RSM US Alliance, a premier affiliation of independent accounting and consulting firms in the United States. RSM US Alliance provides our firm with access to resources of RSM US LLP, the leading provider of audit, tax and consulting services focused on the middle market. RSM US LLP is a licensed CPA firm and the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with more than 43,000 people in over 120 countries.

Our membership in RSM US Alliance has elevated our capabilities in the marketplace, helping to differentiate our firm from the competition while allowing us to maintain our independence and entrepreneurial culture. We have access to a valuable peer network of like-sized firms as well as a broad range of tools, expertise, and technical resources.

For more information on how KHA Accountants can assist you, please call 972.221.2500.

Why the Cost of Customer Acquisition Is So Important

For any business, understanding and effectively managing the cost of customer acquisition is crucial for success. In this video, we’ll explain what it is, how it’s calculated, and how it affects a business’s profitability, cash flow, and overall growth.

IRS releases guidance on Roth catch-up contributions under SECURE 2.0

The Internal Revenue Service (IRS) has recently released guidance on Roth catch-up contributions under SECURE 2.0 Act. This guidance, outlined in Notice 2023-62, provides important information for individuals who are age 50 or older and participating in a retirement plan that allows deferral contributions.

Estate Planning after a Business Sale

After selling a business, it is crucial to update your estate plan to align with your new financial situation. This article provides and overview of common strategies to consider.

Estate planning after the sale of a business interest

This article discusses estate planning and tax considerations after the sale of a business interest or other liquidity event, including common strategies to reduce estate tax and meet charitable giving goals.

Will You Need To Report Beneficial Ownership Information?

The Corporate Transparency Act will require most businesses to provide beneficial ownership information to the U.S. Department of Treasury to combat money laundering. Find out who needs to report, what information is required, and when the reports must be submitted.