According to Microsoft, in 2021 the company blocked more than 25.6 billion brute force authentication attacks against Azure AD users. They also and intercepted a staggering 35.7 billion phishing emails with Microsoft Defender for Office 365.

Vasu Jakkal is Microsoft's Corporate Vice President for Security, Compliance, and Identity. Jakkal is both passionate and concerned about this subject.  The increase in the total number of attempts since the pandemic began has been breathtaking.

Unfortunately, Jakkal says that so far only a minority of Azure AD and Microsoft 365 users seem interested in taking steps to bolster their own security. Based on statistics gathered by Microsoft, only 22 percent of Azure AD users have activated MFA (multi-factor authentication) protocols. MFA  would keep their accounts safer and make it significantly more difficult for hackers to force their way in.

Here is how much more difficult it can be:

Google combined forces with researchers at New York University and the University of California to study that very topic. They discovered that MFA implementation can block up to 100 percent of automated bot attacks, 99 percent of bulk phishing attacks, and up to 66 percent of targeted attacks. That is an impressive level of protection for something that's so simple to implement and make use of!

The two big takeaways here are:

Depressingly few users are taking even the most basic steps to better secure their accounts.  If you set one major IT security goal for the year, a very good one would be to do all you can to increase the percent of users at your firm who are taking advantage of MFA everywhere they can.

Used with permission from Article Aggregator