Tips for Implementing MFA Without Getting the Employee Pushback

If you’re like most Tennessee businesses, you’ve got multiple cloud accounts that are used in your business processes every day. The average employee now uses as many as 36 different cloud accounts in their workflow.

With so much business data in the cloud, attacks on cloud accounts have been going up. Credential theft has become one of the main goals of phishing attacks.

All a criminal must do is get their hands on a user password or guess one that’s too weak, and they can access all types of business data, email, cloud storage, user information, and more.

One of the best ways to secure cloud accounts is by using multi-factor authentication (MFA). MFA is 99.9% effective at blocking fraudulent sign-in attempts. 

So, everyone should be using it, right? But unfortunately, many companies don’t use this obvious business solution for cloud security due to resistance coming from their employees. 

43% of companies globally do not use multi-factor authentication. 

You shouldn’t have to sacrifice security for productivity. Read on to learn how you can successfully introduce MFA and reduce employee pushback.

Allow Employees to Choose From Different MFA Options

People tend to be less resistant to a change in their workflow when they feel they have some control over how it is implemented. There is more than one way to enact MFA, and giving employees options can improve acceptance.

Some employees might find certain forms of MFA less of an issue than others. Here are some of the standard methods that provide options to your team, while keeping your cloud accounts secured:

  • Receive the MFA code by text message
  • Receive the MFA code by mobile or desktop app
  • Use a separate security key to authenticate
  • Use a fingerprint scan or facial recognition 

Reduce Barriers by Using Contextual Factors

You can remove certain barriers to login without sacrificing security by using contextual factors along with your implementation of multi-factor authentication.

These factors can include:

  • The person’s permission level (higher permissions might have more authentication requirements)
  • Geographic location (use additional challenges for logins outside the country)
  • IP address (if the person is on your business Wi-Fi, you might reduce MFA requirements)
  • The device being used to log in and whether it is recognized or not
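
The four contextual factors above can be combined into one policy check. The sketch below is an added example, not part of the original article or any vendor's product; the role names, office network range, home country, method names and re-prompt intervals are all assumptions chosen for illustration. MFA stays required in every case, and context only changes which methods are accepted and how often the user is prompted.

```python
import ipaddress
from dataclasses import dataclass, field

# Assumed policy data for illustration only.
OFFICE_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]  # constructed range
HOME_COUNTRY = "US"
ALL_METHODS = ["sms", "authenticator_app", "security_key", "biometric"]

@dataclass
class LoginContext:
    role: str           # hypothetical role names: "admin" or "user"
    country: str        # country code resolved from the source IP
    source_ip: str
    device_known: bool  # device was seen and enrolled before

@dataclass
class Decision:
    methods: list       # MFA methods the user may choose from
    reauth_hours: int   # 0 means challenge on every sign-in
    reasons: list = field(default_factory=list)

def evaluate(ctx: LoginContext) -> Decision:
    """MFA is always required; context only tightens or relaxes the prompt."""
    d = Decision(methods=list(ALL_METHODS), reauth_hours=12)
    try:
        ip = ipaddress.ip_address(ctx.source_ip)
    except ValueError:
        ip = None  # fail closed: an unreadable address is treated as untrusted
        d.reasons.append("unparseable source IP")
    if ctx.country != HOME_COUNTRY:
        d.reasons.append("login from outside home country")
    if not ctx.device_known:
        d.reasons.append("unrecognized device")
    if d.reasons:
        d.reauth_hours = 0  # any risk signal: challenge every time
    elif any(ip in net for net in OFFICE_NETWORKS):
        d.reauth_hours = 72  # office network plus known device: prompt less often
        d.reasons.append("office network and known device")
    if ctx.role == "admin":
        # Higher permission level: stronger methods only, never the relaxed interval.
        d.methods = ["security_key", "biometric"]
        d.reauth_hours = min(d.reauth_hours, 12)
        d.reasons.append("elevated permissions")
    return d
```

The returned `reasons` list is worth logging with each sign-in so that a step-up challenge can be explained to the user and reviewed later.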

Keep MFA Implementation Uniform Across All Logins

You might decide that a good compromise for employee pushback on MFA is to enact it for some cloud accounts and not others. But this creates inconsistency that can hurt productivity and lead employees to believe that your company doesn’t think MFA is all that important.

It’s better to implement MFA uniformly across all your accounts. This improves user experience by keeping it consistent and ensures you don’t have security vulnerabilities that could negatively affect your company.

Use a Change Management Process

As many as 50% of organizations that implement a business change, like MFA or something else, end up with a failed project. This is often because they didn’t use change management techniques to guide their team through the change adoption.

Adding MFA into a workflow might seem like a small thing, but it’s a big deal for the users that have to adjust to a new daily process. Change management is about guiding people through a change successfully to mitigate resistance and increase support and adoption.

Some of the tenets of this practice include:

  • Bringing users in on the process before the change is made
  • Asking for support from leaders in the organization 
  • Providing adequate coaching and training
  • Interfacing with users to let them know what’s in it for them (i.e., the benefits to them, personally)
  • Ensuring users have access to support after the implementation 

Couple MFA with Single Sign-On (SSO)

Pushback on MFA is generally due to a time factor. Users will complain that it’s going to take them more time and thus hurt their productivity.

When you couple MFA with SSO, you can actually reduce the time it takes to log in to the various business apps users need to access throughout the day.

Single sign-on applications connect to your various cloud accounts and allow the user to sign in once to access all connected accounts. This sign-in process, coupled with MFA, can improve your cloud security at the same time as saving users time and making the move to MFA an attractive one.

Some of the additional security advantages of SSO include:

  • Gives companies centralized control over access to multiple accounts
  • Eliminates problems with too many passwords causing bad password habits
  • Reduces the time spent going through “lost password” processes
  • Eliminates problems like password reuse

Get Help Implementing a Successful and Effective MFA/SSO Strategy 

Unbound Digital can help your Johnson City, Tennessee business better secure your cloud accounts from a breach through an effective MFA/SSO implementation.

Contact us today to schedule a consultation. Call 423-335-2461 or reach us online.

