WFH vs MFA: I won
-
The company last year hired a new IT Security Director. One of his goals was to implement Microsoft's Multi-Factor Authentication... and use the IT department as the guinea pigs. All we needed to do was to install the MFA app onto our smart phones and press a button every couple of weeks. There shouldn't be any problems... 1. What if I only have a feature phone (aka Dumb Phone)? 2. What if I have a Windows Phone? 3. What if I don't get phone service because I am buried within a manufacturing building? As those answers could not be satisfactorily answered, they have realized that MFA can be setup to call a phone; and I do have a desk phone at work so we are all good. And I can go back to secondary phone numbers which also can be called or SMS'd. All is well in the world. or is it Now to the present, and 80% of the staff is now working from home. MFA kicks in and rings the desk phone incessantly, annoying my coworkers; even if I choose to rollback to secondary numbers. To be the nice guy, I have muted the ringer at the end of the 1 day a week that I am in the office. So... I needed to talk to someone at one of our manufacturing facilities. Skype or Teams was out as their desktop computer is not equipped with a mic or speakers. What to do? I got it; install the SoftPhone app from work and get it setup. And then the realization came to me... So the increased security measure that I either have to be at work to answer my deskphone or answer my personal phone is now defeated by the fact that my laptop rings instead of any physical phone. I Won!
Director of Transmogrification Services Shinobi of Query Language Master of Yoda Conditional
-
The company last year hired a new IT Security Director. One of his goals was to implement Microsoft's Multi-Factor Authentication... and use the IT department as the guinea pigs. All we needed to do was to install the MFA app onto our smart phones and press a button every couple of weeks. There shouldn't be any problems... 1. What if I only have a feature phone (aka Dumb Phone)? 2. What if I have a Windows Phone? 3. What if I don't get phone service because I am buried within a manufacturing building? As those answers could not be satisfactorily answered, they have realized that MFA can be setup to call a phone; and I do have a desk phone at work so we are all good. And I can go back to secondary phone numbers which also can be called or SMS'd. All is well in the world. or is it Now to the present, and 80% of the staff is now working from home. MFA kicks in and rings the desk phone incessantly, annoying my coworkers; even if I choose to rollback to secondary numbers. To be the nice guy, I have muted the ringer at the end of the 1 day a week that I am in the office. So... I needed to talk to someone at one of our manufacturing facilities. Skype or Teams was out as their desktop computer is not equipped with a mic or speakers. What to do? I got it; install the SoftPhone app from work and get it setup. And then the realization came to me... So the increased security measure that I either have to be at work to answer my deskphone or answer my personal phone is now defeated by the fact that my laptop rings instead of any physical phone. I Won!
Director of Transmogrification Services Shinobi of Query Language Master of Yoda Conditional
Some of that stuff, like what if I don't have a phone accessible, I've argued with some financial companies. One game me a special "work around" that I had to agree to (i.e., take on some risk). The other, fortunately, manages to recognize my primary machines and only calls now and then. But a new degree of idiocy has appeared! I wanted to add a bank account (actually, change the account number since I changed them all some years ago when I lost a data-filled jump-drive). Well, the only way to authenticate oneself to them is by giving them your cell phone and them checking the identity of the account owner. My :elephant:ing phone is on an account with my daughter/son-in-law as part of a group plan. So, it always fails. They don't seem to care. (I will vote with my money), As implied in one of my tag-lines, the idiots just keep evolving.
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
-
Some of that stuff, like what if I don't have a phone accessible, I've argued with some financial companies. One game me a special "work around" that I had to agree to (i.e., take on some risk). The other, fortunately, manages to recognize my primary machines and only calls now and then. But a new degree of idiocy has appeared! I wanted to add a bank account (actually, change the account number since I changed them all some years ago when I lost a data-filled jump-drive). Well, the only way to authenticate oneself to them is by giving them your cell phone and them checking the identity of the account owner. My :elephant:ing phone is on an account with my daughter/son-in-law as part of a group plan. So, it always fails. They don't seem to care. (I will vote with my money), As implied in one of my tag-lines, the idiots just keep evolving.
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
Yeah, like trying to change my phone number at one of my banks. They need to call to verify it's really me. On the number they have. Which I want to change. Because it's no longer valid.
We won't sit down. We won't shut up. We won't go quietly away. YouTube, VidMe and My Mu[sic], Films and Windows Programs, etc. and FB