How to secure Office 365 using Multi-Factor Authentication
Businesses in the UK have seen cybercrime increase by a third in the last year, whilst employees have been distributed and working from home. Crimes include staff receiving phishing emails from cyber criminals pretending to be the service desk to reset their passwords, workers tricked into downloading viruses from hackers demanding ransoms, or even text messages impersonating the CEO asking for money transfers.
Cyber criminals continue to find new and innovative ways to attack individuals, their homes and their devices in order to find a path into your trusted network, as employees continue to operate beyond the protection of the corporate firewall.
Here we explain what WatchGuard AuthPoint Multi-Factor Authentication (MFA) is, and how it secures Office 365 and protects your users whilst they stay connected in the office or at home.
What is AuthPoint?
AuthPoint is WatchGuard’s multi-factor authentication (MFA) service. With AuthPoint, you can require users to authenticate with the AuthPoint mobile app or a third-party hardware token when they log in to a protected resource, such as a computer, VPN, or a cloud service or application.
AuthPoint uses the latest MFA methods to protect your trusted resources from unauthorized access. You can choose different authentication methods for specific user groups and applications:
- Push Notification: When you log in, AuthPoint sends a push notification to your mobile device. You approve it to authenticate and log in, or deny it to prevent an access attempt that was not made by you.
- QR Code: When you log in, you scan a QR code with the AuthPoint mobile app and use the verification code you receive to authenticate (AuthPoint uses secure QR codes that can only be decrypted by the AuthPoint mobile app).
- One-Time Passcode: An OTP is a unique, temporary password available in the AuthPoint app that you use to authenticate.
Where can I use AuthPoint?
AuthPoint can be used to protect access to a range of your resources, including your WatchGuard SSL VPN as well as a range of Cloud Hosted Services – like Office 365, Dropbox, BambooHR and more.
AuthPoint and Office 365
With the ever-changing industry that is IT, keeping your company secure is more vital than ever. One part of that is keeping access to your company resources, like Office 365 emails and documents, secure and protected.
AuthPoint allows you to protect multiple solutions at once, including Office 365, by replacing the old-fashioned 6-digit code texted to your phone with a single solution that protects all your resources under one roof.
The AuthPoint app allows your users to authenticate right from their own phone! No need to carry key fobs or thumb drives; instead, install and activate the AuthPoint app in seconds, and then use it to authenticate from a smartphone.
When logging into Office 365, users are prompted for their normal username and password, and are then prompted to authenticate themselves using the simple, easy-to-use AuthPoint app.
AuthPoint comes with policies as well, allowing you to restrict access to Office 365 based on different factors and giving you complete control over how your resources are accessed:
- Where? Using AuthPoint, you can restrict access to Office 365, for example, to only those users who are either in your office or on your VPN connection.
- When? You can also restrict the time period in which your users can access Office 365, limiting certain groups of staff to working hours only.
- Who? If you only want certain users to be able to access a resource, like an HR portal, you can specify the groups of users who are allowed access.
Why Multi-Factor Authentication?
Passwords can be stolen by cyber criminals, potentially giving them access to your online accounts. However, accounts that have been set up to use 2FA will require an extra check, so even if a criminal knows your password, they won’t be able to access your accounts.
Multi-factor authentication (MFA) extends beyond the traditional methods of two-factor authentication (2FA) and consists of a three-pronged approach, asking users to provide something that they know and something that they have in order to positively identify a specific person. You should always consider using multi-factor authentication for all important accounts and internet-facing systems.