A consistent approach to MFA will boost security and efficiency
By Steve Aronson
A cybersecurity breach may be just another sickening story most insurance agencies and carriers have heard told, but when you go through one yourself — or help a client who is going through one — you suddenly get a new perspective.
The cost of a breach is only one aspect of the event. There is also angst, embarrassment, and a ton of lost productivity and time.
The investment in multifactor authentication (MFA) is worth it to avoid the crippling effects of a successful hack. MFA is a cybersecurity protocol that requires users to confirm their identity by more than one method, for example, user ID/password and a code sent by phone or email; a security token produced by a computerized authenticator program; or some a biometric identifier, such as voice or facial recognition.
Multifactor authentication is good medicine. But right now, about 40% of carriers aren’t using it, and about 20% of agents either don’t see its value or are unsure of its value, according to a recent IIABA Agents Council for Technology survey.
The insurance industry is and will increasingly be under pressure to bolster its cybersecurity. The Securities and Exchange Commission is pressing listed companies on cyber, and the costs of cyber breaches are escalating. MFA is a cybersecurity basic, and it can be done with efficiency.
MFA needed for each carrier portal
At this point, agents, CSRs and others wishing to sign in to carrier portals will need to go through the authentication process for each carrier that requires authentication. While the ACT survey didn’t indicate this was an enormous time expenditure, agents did say they want MFA to be “simple and effective” and they want the industry to “adopt one method across the industry with multiple ways to authenticate (app, text, voice).” To sum it up, respondents told ACT they want “SignOn Once” for MFA.
