Introduction

In today’s digital age, companies face constant threats from hackers and cybercriminals. One of the most effective ways to protect sensitive data and ensure company insurance remains valid is by implementing 2-Factor Authentication (2FA) & Multi-Factor Authentication. This white paper discusses the critical role of 2FA & MFA in maintaining insurance coverage, highlights the consequences of neglecting this security measure, and examines the AT&T Snowflake attack as a case study.

Why 2FA & MFA are becoming Essential for Company Insurance

Company insurance policies often have clauses that require businesses to take reasonable steps to protect their data. If employees with access to critical business data and services do not have 2FA or MFA enabled and the company is hacked or held to ransom, the insurance may be deemed invalid. This is because the company can be seen as negligent and failing to exercise a good duty of care.

Image courtesy of Mandiant

Key Points

• Insurance Validity: Without 2FA, your company might be seen as negligent, leading to invalid insurance claims if a cyber attack occurs.
• Enhanced Security: 2FA provides an extra layer of protection, making it much harder for hackers to access your data.
• Case Study: If AT&T employees had used 2FA on their Snowflake accounts, the recent attack could have been minimized or prevented.
• LockBit 3.0: It’s not always major corporations Lock bit 3.0 post details of smaller companies who have been breached and details of the ransoms due.

Additional Points

• Legal Implications: Not using 2FA could be seen as negligence, affecting the company’s legal standing.
• Customer Trust: Implementing 2FA helps maintain customer trust by showing a commitment to security.
• Best Practices: Companies should regularly update their security protocols and ensure all employees are trained on the importance of 2FA.

Conclusion

Implementing 2FA is something the majority of vendors offer their clients to protect their data, but because of the “hassle” factor many employees don’t enable it. But with the major IT and other losses incurred by the insurance companies, they will start looking for new ways to push personal responsibility - 2FA & MFA are critical steps in protecting company data and ensuring insurance coverage remains valid.

FrontierZero’s 2FA and MFA monitoring capability enables companies to see which employees don’t have 2FA & MFA enabled in a single screen, to ensure you are always better protected.

By monitoring the simple yet effective measure, companies can safeguard their sensitive information, minimize the risk of cyber attacks, and avoid the financial and legal consequences of negligence.

References

• “The Rising Strategic Risks of Cyberattacks.” McKinsey & Company, McKinsey.
• Crane, G. “How to Protect Against the Rising Threat of Cyber Attacks.” Digital Insurance, Digital Insurance.
• “Cybersecurity Threat Trends.” Deloitte Insights, Deloitte.