I'm noticing that our clients are increasingly requiring multi-factor authentication (MFA) through authenticator apps for project access. However, we don't provide company-issued phones, and some employees are hesitant to install these apps on their personal devices because they're worried about their privacy. They're fine accessing work emails from their phones, but they don't want work-related apps on their personal devices. How can I effectively explain that these authenticator apps are safe and don't give us access to personal information?
4 Answers
If they're worried about privacy, just reassure them that these apps won't give you access to their personal data. If that doesn't work, you can let them know it's either the app or a hardware solution—but they can't have unrestricted personal access and still refuse work tools.
It’s important to clarify that you can't force employees to install work apps on their personal devices. Even though it's reasonable to ask for the use of an MFA app, some may rightfully decline. Offering hardware tokens like YubiKeys could be a better compromise.
Consider providing YubiKeys for those who are resistant to using authenticator apps. We did this, and eventually, most employees found that the app was much more convenient. Those who still preferred not to use their phones were happy with the YubiKey solution since it’s effective against phishing.
You might want to present the legal aspects, too. By allowing an MFA app on their device, it becomes relevant in legal processes, which could deter some from saying yes to using it. Providing hardware tokens is usually a good alternative.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures