6 Tactics to Use When Introducing MFA to Reduce Resistance from Users

6 Tactics to Use When Introducing MFA to Reduce Resistance from Users

Multi-factor authentication remains one of the most effective security tactics for protecting your online business accounts.

Cloud attacks are on the rise as the pandemic has fueled remote working and the need for as many processes to be virtual as possible. In the last 12 months, there has been a 78% increase in cyberattacks in Canada due to remote employees.

When it comes to providing adequate network security for cloud data and assets, one of the methods proven to be the most effective is multi-factor authentication (MFA).

MFA requires an additional authentication step that involves a device in the possession of the user, which is why this is such an effective way to keep online assets secure.

MFA is 99.9% effective at blocking cloud account breaches.

But as effective as multi-factor authentication is, a majority of SMBs haven’t implemented it. A big reason for this is that they get resistance from users that don’t want to be inconvenienced by the additional step.

How can you overcome user pushback so you can successfully introduce this proven security strategy? We’ll go through several tactics you can use below.

Don’t Bring Employees in at the Last Minute

When employees don’t have time to properly process a new change in their workflow, they’ll naturally be resistant. Staff can resent a change they may have otherwise accepted if it’s sprung on them with no advance notice.

Bring your team into the process in the earlier planning stages, so they’ll have a change to warm up to the idea as well as ask questions and learn more about what it will actually mean for their day-to-day.

Proactively Identify and Address Resistance

You can’t expect all employees to be immediately onboard with your deployment of MFA, even if you explain the security benefits. Expect to get initial resistance, because it’s a natural human trait to be resistant to forced change.

Proactively identify resistance and address it by surveying employees about the planned MFA implementation and give them a change to get their questions answered. If you expect resistance and address it head-on with information and understanding, you can turn it into acceptance of the new process.

Get Leaders & Influencers On Board

If you have a manager that’s not supportive of the adoption of MFA, then there is a good chance that that person’s staff is going to follow the manager’s lead.

To successfully implement any new business process, it’s important to have the support of your leadership and any influential employees that others may look up to.

With your leaders onboard and supporting the change, you can help drive support from the group level up, rather than it being a transition people feel is being dictated to them from executives. 

Give User Choice in How They Use MFA

Uses gain a feeling of ownership over a process when they have some choice in how it impacts their workflow. Provide users options in how they use multi-factor authentication to reduce their natural resistance to change.

Some of the MFA options you might offer include:

  • Receiving the code by SMS
  • Receiving the code through a device app
  • Using a security key to authenticate

Consider Adding a Single Sign-On Application

You can address one of the biggest complaints with MFA (that it’s inconvenient) by using a single sign-on (SSO) application. 

An SSO app will connect to a user’s various business accounts and allow them to log in and authenticate once to be logged into all of them.

This significantly decreases the time it takes to access business apps on a daily basis and can improve security by providing one consistent login process across all accounts. 

Provide Training & Post-Deployment Support

While using MFA may seem simple, any adoption of a new process benefits from user training. Some users may be resistant of using MFA simply because they’re not “tech savvy” and are afraid they won’t know how to do it properly.

Provide a training session for your team in advance of implementing MFA in your company. Additionally, let users know that if they still have questions, they can get 1-on-1 support to ensure they fully understand the new login procedures.

Once you’ve deployed MFA, don’t assume that your team won’t run into any problems. It’s a best practice in change management to provide users with post-deployment support for at least 30 days. This means giving users a contact they can reach out to if they run across questions or issues as they begin using the new process. This helps ensure any initial issues are solved and the team can adopt the new process successfully.

Need Help Deploying MFA and Single Sign-On Technology?

Haxxess can help your Northern Ontario business improve cloud security and user experience at the same time. 

Contact us today to schedule a free consultation! Call 705-222-8324 or reach out online.

stay in touch

Subscribe to our newsletter and we'll keep you informed about latest IT news.