Multi-Factor Authentication, SaaS, and Cyber Insurance. Three terms that are never going to going to set that many pulses racing. However, they could have an enormous impact on your business without you knowing!
Businesses take out a cyber insurance policy to cover the damages that may arise from a cyber-attack or theft.
Multi-Factor Authentication (MFA) replaces a single password, used to access an application or system, by combining that password with some other thing. Perhaps a code received as a text, an approval in an app, or maybe a fingerprint.
The security benefits of MFA are clear. Even writing “password” on a Post-it Note inside a laptop has an extra layer of protection. This has not gone unnoticed by cyber insurance providers, who now offer a discount for their clients that use of it.
SaaS and Cyber Insurance
Business IT is changing though, and more companies are making more use of Software as a Service or SaaS.
Easy to start using, available everywhere, cost effective utility billing, and often free to start. It is not hard to see why it is so popular. However this has also caused a huge increase in the amount of unsanctioned IT with no financial and/or technical approval.
Insurance providers are aware of this and are stipulating that to qualify for the discounted premiums, all SaaS tools must have MFA protection. It is easy to understand why. A breach, is more likely to be the result of an unknown app. It has no approval and a simple password set by whoever signed up to try it out.
This is an issue however, because businesses generally do not have visibility of ALL their SaaS in use.
The impact of this extends way beyond just a saving on cyber security insurance premiums. By choosing the MFA premium, any SaaS not covered by MFA will invalidate the policy. Whether it is the source of an incident or not.
Suddenly those 3 technical terms have very serious ramifications at board level.
A simple audit trail of the SaaS tools in your business will mean that you can be confident in recommending the cheaper MFA cyber policy at renewal time. This also reduces your risk of unknowingly operating with an invalid policy.
If you would like a quick, easy, cost effective way to see all of the SaaS usage in your business, we can help.