18-06-2026

In today’s digital environment, passwords alone are no longer sufficient to protect our information. As part of our commitment to corporate security and the protection of personal data, we would like to reinforce the importance of adopting Multi-Factor Authentication (MFA).

What is MFA and How Does It Work?

MFA is an additional layer of security that requires users to provide two or more forms of identity verification in order to access an account or system. It is similar to a bank’s security system, having the key to the safe (your password) is not enough; you also need the code sent to your mobile phone or a fingerprint to open it.

Authentication factors are generally divided into three categories:

• Something you know: Your password or a PIN.
• Something you have: A physical token, a code sent via SMS, or an authentication app on your smartphone.
• Something you are: Biometric data (fingerprint or facial recognition).

Typical example:
You enter your username and password and then approve a code on your mobile device.

Why Should We Use It?

The primary purpose of MFA is to keep attackers out. Even if a cybercriminal manages to steal or guess your password through phishing attacks or data breaches, they will not be able to access your account without the second factor, which is available only on your personal device.

Benefits of Implementing MFA

MFA significantly reduces the risks associated with:

• Credential theft
• Phishing attacks
• Unauthorized access

Proactive protection: MFA mitigates the risks associated with weak or reused passwords.

Access control: it ensures that only authorized users can access critical resources.

Compliance and trust: It helps protect  the company’s reputation and supports compliance with international data protection regulations.

Risks of Not Implementing MFA

Failure  to implement MFA significantly increases security risks across the organization.

Unauthorized access: Once a password is compromised, attackers may gain full access to emails, confidential files, and financial systems.

Identity impersonation: Third parties may send emails or perform actions on your behalf.

Delayed detection: Unauthorized access often goes unnoticed for weeks, allowing damage to spread before corrective action can be taken.

Reputational impact and loss of trust: Security incidents may negatively affect the company’s reputation and stakeholder confidence.

Environments Where MFA Is Used

Corporate Environment

• Microsoft 365
• VPN (remote access)
• Accounting systems / ERP platforms
• Cloud applications (AWS, CRM, HR systems)

Cloud / SaaS Platforms

• Google Workspace
• AWS / Azure
• Salesforce
• Financial systems

Critical Access Environments

• IT administrators
• Infrastructure
• Servers

End Users (External Users or Customers)

• Online banking services
• Customer portals
• Sensitive applications

The Importance of MFA as a Corporate Security Measure

Today, MFA is considered an essential standard security practice.

In the corporate world, a single compromised login can lead to:

• Data encryption and extortion attacks (ransomware);
• Direct financial losses; and
• A loss of trust among  customers and suppliers.

Implementing MFA is not an obstacle—it is a safeguard for our digital identity.

Additional Note: The Human Factor Is the First Line of Defense

Although MFA is a powerful technological tool, security is a shared responsibility:

• Never share your verification codes: Even if someone claiming to be from “technical support” requests them.
• Report suspicious activity: If you receive an access notification that you did not initiate, notify the Information Security team immediately.
• Keep your devices secure: Ensure that the devices used to receive authentication factors are protected with active screen locks.

Digital security is a team effort. Implementing MFA is a simple yet fundamental step toward maintaining a secure, resilient, and efficient work environment.

IT

June 2026