Why is MFA important?
Given recent trends of rapidly emerging cyberthreats and attacks on critical infrastructure, cybersecurity practices surrounding user access must be improved to ensure people and assets are kept safe. In the recent Florida water treatment hack, known user credentials were used to simply log in to the plant and gain access to control the system using TeamViewer. Days before the attack occurred, the largest database of breached usernames and passwords (3.2 billion unique credential pairs) was leaked online. This database contained 13 credential pairs that were linked to the Florida water plant. Had this plant been using MFA, the attack would have likely failed.
MFA adds an additional user confirmation step, which ensures that when a person logs on, it is actually them, and not an imposter. MFA is particularly important when users have privileges that allow them to gain direct access to the plant’s network. Without MFA, a password theft would be enough to put control systems, plant networks, SCADA systems and plant machinery at risk. Cybersecurity standards at industrial plants should demand MFA as a minimum standard to gain access for technical work.
What does MFA protect?
When dealing with critical infrastructure or any connected machine, MFA can be used to ensure the maximum benefit of the existing cybersecurity infrastructure.
At Ardexa, we strongly recommend the use of MFA to mitigate issues that arise when using passwords.
MFA on the Ardexa platform enables you to:
- Protect users when password theft occurs
- Safeguard against weak passwords
- Minimise unauthorised entry
- Complement existing cybersecurity capabilities such as remote access tunnels, audit logging, user permissions control, and more
How can I set up MFA in Ardexa?
As is standard for the Ardexa platform, implementation of MFA is simple and takes about 30 seconds. Simply head over to “MY PROFILE” in the Ardexa app enable MFA. Further instructions for implementation can be found here.
MFA in Ardexa can be set up by individual users, or mandated by administrators as required. To make life as easy as possible, Ardexa’s MFA works with all mainstream authenticators.