MFA=Many Fewer Alerts?
The volume of data available on alert fatigue can be, well, fatiguing. We could cite the latest statistic showing that there are X bazillion alerts per person per day. But we live the problem—so we know it’s real.
Today, most vendors like to focus on AI’s ability to reduce and simplify the alert process. The discussion then becomes, “My AI is better than your AI.” That’s hard to prove in security, where customer environments are dramatically different based on size, vertical, and threat profile. As the bumper sticker says, let’s “eschew obfuscation.”
One overlooked capability to reduce alert fatigue is multi factor authentication (MFA). Unlike AI-based approaches, MFA isn’t driven by an algorithm. Rather, MFA is inherently self-service—relying on employee validation. This makes MFA much more reliable and effective to reduce alerts coming from lateral movement.
But there are other benefits as well.
- Budget friendly: Unlike vendor solutions relying on AI whose army of data scientists drive up the cost of the control, MFA can fit into large and small budgets. Whether a big bank with a seven-figure security budget or a nonprofit with a nominal security budget—MFA is cost effective.
- Easy to deploy: MFA has been around for some time and requires little training and changes to corporate culture. If anything, deploying MFA conveys to employees the importance of vigilance on a daily basis.
- Brings efficiency: Security is seen as a cost center. Deploying MFA everywhere can reduce or eliminate the reliance on other controls such as costly network segmentation tools that not only produce many alerts, but also require heavy manual intervention to deploy and maintain.
- Focus on strategic stuff: With an effective self-service MFA-everywhere deployment, security teams eliminate much of the tactical work of chasing false positives. Instead, security can focus on strategic threat hunting.