Published in: Uncategorized

Multi-Factor Authentication (MFA), SaaS, and Cyber Insurance

Author Adam Chamberlain

Published on: 31 March 2022

Multi-Factor Authentication, SaaS, and Cyber Insurance. Three terms that are never going to going to set that many pulses racing. However, they could have an enormous impact on your business without you knowing!

Background

Businesses take out a cyber insurance policy to cover the damages that may arise from a cyber-attack or theft.

Multi-Factor Authentication (MFA) replaces a single password, used to access an application or system, by combining that password with some other thing. Perhaps a code received as a text, an approval in an app, or maybe a fingerprint.

The security benefits of MFA are clear. Even writing “password” on a Post-it Note inside a laptop has an extra layer of protection. This has not gone unnoticed by cyber insurance providers, who now offer a discount for their clients that use of it.

SaaS and Cyber Insurance

Business IT is changing though, and more companies are making more use of Software as a Service or SaaS.

Easy to start using, available everywhere, cost effective utility billing, and often free to start. It is not hard to see why it is so popular. However this has also caused a huge increase in the amount of unsanctioned IT with no financial and/or technical approval.

Insurance providers are aware of this and are stipulating that to qualify for the discounted premiums, all SaaS tools must have MFA protection. It is easy to understand why. A breach, is more likely to be the result of an unknown app. It has no approval and a simple password set by whoever signed up to try it out.

This is an issue however, because businesses generally do not have visibility of ALL their SaaS in use.

Business Impact

The impact of this extends way beyond just a saving on cyber security insurance premiums. By choosing the MFA premium, any SaaS not covered by MFA will invalidate the policy. Whether it is the source of an incident or not.

Suddenly those 3 technical terms have very serious ramifications at board level.

A simple audit trail of the SaaS tools in your business will mean that you can be confident in recommending the cheaper MFA cyber policy at renewal time. This also reduces your risk of unknowingly operating with an invalid policy.

If you would like a quick, easy, cost effective way to see all of the SaaS usage in your business, we can help.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Background

SaaS and Cyber Insurance

Business Impact

You may also like