US cyber official urges Microsoft, Twitter to beef up security practices

Reading time icon 2 min. read


Readers help support MSPoweruser. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help MSPoweruser effortlessly and without spending any money. Read more

Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, urged Microsoft and Twitter to improve their security protocols to better secure users. Easterly said the number of users using the companies’ multifactor authentication (MFA) is “disappointing” but praised Apple for its high MFA usage among iCloud users.

On Monday, Easterly delivered a speech at Carnegie Mellon University, where Apple was mentioned as a role model for executing security practices for its customers. According to the US official, 95% of Apple’s iCloud users utilize multifactor authentication and explained that the high adoption rate is due to the company’s decision to make the feature a default. With this, Easterly compared the number to the current MFA usage rate in Microsoft and Twitter, wherein only one-quarter of the former’s enterprise customers use it while less than 3% of the latter’s users use it. 

While Easterly praised the companies for sharing the numbers about MFA usage in their services, she expressed the need for new legislation to be firm toward such businesses that have to deliver effective security practices. According to Easterly, laws need to “prevent technology manufacturers from disclaiming liability by contract, establishing higher standards of care for software in specific critical infrastructure entities, and driving the development of a safe harbor framework to shield from liability companies that securely develop and maintain their software products and services.”

Multifactor authentication is just one of the steps users can take to ensure safety in the cybersecurity world. However, without initiation from the companies themselves, it is true that most customers tend to ignore the adoption of such a security measure. Pushing features like this to customers, nonetheless, is just one of the many things companies like Microsoft should do to ensure customers’ security. But even with a bunch of different security efforts, momentary failure seems to be a part of any business. For instance, Microsoft encountered a widespread issue with its MFA in 2019, though the company managed to resolve it after hours of investigation. Meanwhile, in October last year, it was revealed that its users had been exposed to malicious drivers for three years due to an outdated vulnerable driver blocklist and inefficient security protection features.

Source: CNBC

More about the topics: cyber security, MFA, microsoft, multifactor authentication, security, twitter