We're implementing Multi-Factor Authentication (MFA) at my workplace soon and I'm currently on the Service Desk team helping with the testing. So far, things are going smoothly! However, I'm concerned about how it will impact the general user base. The plan is to require MFA for anyone accessing company resources from personal devices, but not for those on company PCs. I'm worried that a lot of our staff don't want to install the Microsoft Authenticator app on their personal devices and might push for work phones instead. How did your organization handle MFA? Did your staff adapt easily, or was there significant pushback? I'm just here to support the users who reach out to us for help, as our organization has about 3000 employees. Any tips or insights would be appreciated!
5 Answers
Make sure you're ready for those users who refuse the MS Auth app. You could offer token devices for those who absolutely won’t use their personal devices! The journey to MFA can be clunky, but once everyone is onboard, it's worth it!
It's going to be a bumpy ride for sure, but as long as there's a plan, most people will adapt eventually!
MFA is essential, there's no argument about it. If people can handle MFA for their Netflix or Amazon accounts, they should be able to adapt at work too. Just make sure your company has solid plans in place for onboarding and training!
LOL, right? If employees can use it for their personal accounts, they really shouldn't resist it for work.
Exactly! It's all about setting expectations and providing clear instructions. Users adjust pretty quickly once they know what to expect.
Honestly, I think you're overthinking it. Most users will grumble initially, but the pain is minimal. Just provide a clear and simple guide for setting things up. We've done something similar, and once users know MFA is mandatory, they adapt quickly!
Wow, that should make for an interesting rollout. Just take it one step at a time and support them through the transition!
True! The initial pushback can be managed with good communication and support. People get used to change as long as they have the resources they need.
It's surprising you're only implementing it now! If your management gets serious about security, MFA should be mandatory on both work and personal devices. It's the only way to keep everything safe!
Agreed! Entrepreneurs should realize the risks of not having MFA in place. It's a bit late, but better late than never.
Yeah, and many organizations are making this a requirement now due to cyber insurance policies.
Our organization required MFA for everything, including corporate devices. It created some initial complaints, but offering Yubikeys and other alternatives made it smoother for the few who resisted. If you have the backing from management, you shouldn't have to worry too much!
We did the same thing—providing alternatives to make it easier helps a lot!
Exactly! Having a few different options can make all the difference in easing users' transitions.
Right? Tokens can be a great bridge for the less tech-savvy users to ensure they still comply with security requirements.