Multi-Factor Authentication as a Best Practice

Akins IT • August 4, 2017
Connect with us

What is it?


Even if you’ve never heard the term Multi-Factor Authentication (MFA) before, it’s very likely that you’ve experienced it. Have you ever tried to login to your bank info from your work computer or cell phone and been prompted to enter a one time password sent to you through text or email? That’s Multi-Factor Authentication-MFA.


Multi-Factor authentication means that a user will have to provide more than one method of authentication to verify their user identity to login or complete a transaction. Its goal is to create another layer of defense against hacking attacks and to make it more difficult for an unauthorized person to access the network.


Why use it?


Stolen passwords are the number one cause of data breaches according to Verizon’s 2015 Data Breach Investigations Report. Hackers sell stolen passwords on the Dark Web and once hackers have gained access to a network, they can use programs like Pass-the-Hash and Mimikatz to compromise privileged accounts and passwords. Multi-Factor Authentication prevents many of these attacks because it requires the hacker to have more than just the stolen password.


Best Practices for Implementing MFA:


  1. Implement it Across the Board: MFA is most effective when it is applied everywhere- meaning cloud applications, on-premise applications, resources, servers, commands, etc.
  2. Use Analytics to Implement: While security is important, so too is the user experience. Prompting users for MFA on every login attempt is not likely to make you popular at the office. But, you can leverage data and analytics to determine when a user should be prompted for MFA. For example, every user has a pattern of behavior like logging in from their office computer in Costa Mesa, CA from 9 am- 5 pm and then perhaps accessing the network remotely from home in Anaheim, CA after 8 pm. You can then use MFA to challenge the user when a login request is received from Houston, Texas at 11 am because it is outside of their normal pattern of activity.
  3. Utilize Single Sign-On in Addition to MFA: You can up your security game by implementing single sign-on alongside MFA because it will eliminate the need for multiple passwords.
  4. Monitor: Periodically check-in on your MFA policy to make sure that it is adapting to the changing needs of your organization.


See how Microsoft is managing user identity with its Enterprise Mobility Suite.

AWS stumbled this morning. Here’s why multi‑cloud keeps you moving.

By Shawn Akins October 20, 2025
October 20, 2025 — Early today, Amazon Web Services experienced a major incident centered in its US‑EAST‑1 (N. Virginia) region. AWS reports the event began around 12:11 a.m. PT and tied back to DNS resolution affecting DynamoDB , with mitigation within a couple of hours and recovery continuing thereafter. As the outage rippled, popular services like Snapchat, Venmo, Ring, Roblox, Fortnite , and even some Amazon properties saw disruptions before recovering. If your apps or data are anchored to a single cloud, a morning like this can turn into a help‑desk fire drill. A multi‑cloud or cloud‑smart approach helps you ride through these moments with minimal end‑user impact. What happened (and why it matters) Single‑region fragility: US‑EAST‑1 is massive—and when it sneezes, the internet catches a cold. Incidents here have a history of wide blast radius. Shared dependencies: DNS issues to core services (like DynamoDB endpoints) can cascade across workloads that never directly “touch” that service. Multi‑cloud: practical resilience, not buzzwords For mid‑sized orgs, schools, and local government, multi‑cloud doesn’t have to mean “every app in every cloud.” It means thoughtful redundancy where it counts : Multi‑region or multi‑provider failover for critical apps Run active/standby across AWS and Azure (or another provider), or at least across two AWS regions with automated failover. Start with citizen‑facing portals, SIS/LMS access, emergency comms, and payment gateways. Portable platforms Use Kubernetes and containers, keep state externalized, and standardize infra with Terraform/Ansible so you can redeploy fast when a region (or a provider) wobbles. (Today’s DNS hiccup is exactly the kind of scenario this protects against.) Resilient data layers Replicate data asynchronously across clouds/regions; choose databases with cross‑region failover and test RPO/RTO quarterly. If you rely on a managed database tied to one region, design an escape hatch. Traffic and identity that float Use global traffic managers/DNS to shift users automatically; keep identity (MFA/SSO) highly available and not hard‑wired to a single provider’s control plane. Run the playbook Document health checks, automated cutover, and comms templates. Then practice —tabletops and live failovers. Many services today recovered within hours, but only teams with rehearsed playbooks avoided user‑visible downtime. The bottom line Cloud concentration risk is real. Outages will happen—what matters is whether your constituents, students, and staff feel it. A pragmatic multi‑cloud stance limits the blast radius and keeps your mission‑critical services online when one provider has a bad day. Need a resilience check? Akins IT can help you prioritize which systems should be multi‑cloud, design the right level of redundancy, and validate your failover plan—without overspending. Let’s start with a quick, 30‑minute review of your most critical services and RPO/RTO targets. (No slideware, just actionable next steps.)

Microsoft Confirms GoAnywhere Exploitation: What IT Leaders Need to Know

By Shawn Akins October 13, 2025
How a Zero-Day in GoAnywhere MFT Sparked a Ransomware Wave—and What Mid-Sized IT Leaders Must Do Now

The Windows 10 Deadline Is Here—Are You Ready for What Happens Next?

By Shawn Akins October 13, 2025
The clock is ticking: Learn your options for Windows 11 migration, Extended Security Updates, and cost‑smart strategies before support ends.
More Posts