Posted on 10/11/2021 6:12:44 PM PDT by Jonty30
My work-place wants to bring in an MFA system for anybody to log onto their computers and I don't know exactly why they want this system.
I need to upload an app onto my phone and enable the biometric ID. I'm thinking of either hitting factory reset on my phone, since I don't know how much I can trust the MFA app to not keep track of my phone activitie, or buying a cheaper second phone, just for loading this app and using the phone to make phonecalls. Although I hate to spend the money to do, but it seems the safer option.
Do not install any company apps on your personal phone. They want you to have this, they should provide a phone.
Get a flip phone. Dump the smart phone.
The only thing I can figure out is perhaps they need more certainty for when somebody is on the internet and being able to validate their web activities.
Your already being tracked and your calls and texted being heard and read by the NSA.
Because morons keep clicking on phishing email links.
This is why we can’t have nice things anymore.
If I buy a cheap phone, it won’t matter because there will be nothing on that phone.
They should be able to give you a security token, a device that stores millions of PIN numbers that you can type in, rather than using your personal phone.
https://duo.com/product/multi-factor-authentication-mfa/authentication-methods/tokens-and-passcodes
Usually when IT departments push it, they push the app version because it's convenient (and people complained about the text code option), but the text code option is still available. That'll keep you from having to install an app.
My thought was because somebody was visiting sites they were not supposed to, so bringing in MFA was a sure way to ensure that they could hold the specific person accountable for their internet activities.
Cheap phones track just as easily as expensive ones
My guess is the company is increasing security against unauthorized access regardless of the level of security utilized by authorized users, such as yourself.
I understand that, but if I’m not using the phone, other than for the MFA, there isn’t anything to track.
Why is because of insurance underwriting requirements for Cyber Coverage. This is a hot segment and losses are out the roof for insurance companies with the ransomware attacks. MFA keeps accounts secure. As someone else mentioned, if it is a company phone and not your personal phone, then no problem. Use the phone for business and don't sweat it.
My company did this too.
I can see where it makes it more secure.
Someone signing in with my account isn’t going to get the confirmation call unless they also have managed to port my phone.
But when they take over security on your phone, it means you have to change phone passwords every month, and that is a pain.
And if you’re really lucky, work will use the same email provider as one of your personal accounts, and you’ll be constantly switching back and forth.
(buying a cheaper second phone)
I did that; one for a throwaway number.
Still I get spam and calls for the previous person who had that number. 🙄
Using MFA for authentication makes it tougher to hack an account guessing a password. The thief would also have to be in possession of your phone.
Thank you.
Anyone NOT using MFA is gambling everything now.
And its not hard to see what permissions the apps needs and block all others.
I know why they want to go to two factor authentication = they don’t want to have to pay ransomware, and they don’t want to be hacked.
As far as using the app to spy on you = unless you’ve invested in a phone with a removable battery, you are already being spied upon.
Safest thing to do is to get a cheaper burner phone for the logons. Or tell the company to suppy you with a company paid phone.
If you ever use your phone for anything business related, it is subject to being examined by lawyers at some point. Always decline the offer to BYOD to use for company access or communications. When I had to supply a computer for “work from home” I I bought a separate machine solely for work use.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.