The biggest risk to any organization is the end user and their password hygiene. It is an age old problem as users want to keep things easy using the same dictionary based password for all applications! This problem will continue to exist until we change end user behavior via policy enforcement and apply other layers of protection such as Single Sign On and Multi Factor Authentication (MFA).
Because of this, MFA is becoming more of a must than a nice to have as companies starting to adopt a healthier security posture/program. In fact, MFA has become a full blown requirement to achieve critical compliance certifications that would provide your company with a better security reputation and demonstrate evidence of data protection.
As a Cloud Security Engineer, I would love for MFA to be adopted across the board, which is part of the reason we are writing this blog, to provide our insights into the importance of implementing MFA across an enterprise.
As some of you may have recently heard, Sumo Logic is now PCI 3.2 DSS compliant, which we could not have achieved without the diligence of our DevSecOps team putting some cycles together to get Multi-Factor Authentication delivered to the Sumo Logic base via the platform for another layer of password defense.
When logging into the Sumo platform, you can now enable the 2-step verification for your entire organization, within the security policies section of Sumo, as seen below.
When Multi Factor Authentication is enabled globally for the Org, you will be prompted with the following screen, to configure your MFA.
Every login from here on out will now prompt the following screen after completed configuration.
What does Multi-factor authentication provide to the end user?
A low friction way to keep their credentials from being compromised and make it extremely difficult for attackers to take advantage of weak end user passwords. With the emergence of Cloud Computing, password-based security just won’t cut it anymore. Applying this extra layer of defense to credentials drastically drops the chance of your account ever being compromised. At Sumo Logic, we are glad to extend this extra layer of defense to our customers as they access our Multi Tenant Saas based offering.