Despite being hailed in the beginning as a silver bullet against cyber attacks, multifactor authentication has been shown to still be vulnerable to exploitation, EtayMaor, senior director for security strategy at Cato Networks writes in Forbes
Attackers, for example, have been shown as capable of forcing users to permit illegal access to their devices through MFA fatigue,stealing session cookies to replicate authenticated sessions and exploiting flaws, such as what a group did to gain access to Office 365 accounts.
To address its limitations, security teams must support their organizations MFA systems with extra security measures, according to Maor.
These include adopting a zero-trust security model
that requires verification of all access requests and even then restricts access to what users are authorized to do so. Telemetry data can also be employed to ensure users seeking access are who they say they are, by verifying device ID and posture, behavior patterns and location history.
Employing a single-pass network and security architecture, which is a core attribute of secure access service edge, can also strengthen an organizations security posture by providing multiple layers in which potential breach attempts can be halted.
A single-pass architecture enables context sharing between security applications and services and provides end-to-end, single-pane-of-glass visibility and a unified management console across on-premise and cloud networks and services. Security teams can centrally monitor endpoints and cloud networks and map them against the macro cybersecurity environment, Maor said.