What does MFA cost to implement and maintain?

Hint: MFA is always worth the cost to implement. MFA is the simplest, most effective way to make sure users are who they say they are

Cost Management - Business Concept. Green Arrow with Cost Management Slogan on a Grey Background. 3D Render.
Several components combine to determine the cost of MFA and it's implementation
  • Group 298

    Does the service charge for it? 

  • Group 298

    Basic vs advanced MFA

  • Group 298

    MFA setup costs

  • Group 298

    Training and maintenance costs

  • Group 298

    Does the service charge for it?  

  • Group 298

    Additional Background on MFA Options

Does the service charge for MFA?
Usually not.
  • Group 298

    Almost every service offers some form of MFA for free. Basic multi-factor authentication features are available to Microsoft 365 and Azure Active Directory (Azure AD) users and global administrators for no extra cost.

  • Group 298

    Microsoft offers licenses with more advanced capabilities such as Azure Multi-Factor Authentication. It provides additional configuration options via the Azure portal, advanced reporting, and support for a range of on-premises and cloud applications. 

  • Group 298

    A number of Microsoft licenses include Conditional Access capabilities. A conditional access policy allows you to use other factors when determining whether or not to prompt with MFA for example an MFA prompt may be forced when working from home or out of the office but not when working inside of the office. Conditional access policies also allow you to use a domain-joined PC as a factor (since the device itself is authenticated with Azure Active Directory). 

  • Group 298

    Some businesses use an identity provider like Otka or a third-party MFA application like Cisco DUO. These licenses can cost in the $3 to $10 per month per person range. These products typically pay for themselves by lowering support costs. You can imagine the nightmare that would be helping 100 different people each with their own Google account attempt to recover a lost Google authenticator install. With centralized management, IT can reset MFA on devices in seconds rather than hours.

Examples of basic vs advanced MFA
Basic MFA includes options most people have seen or used such as:

Advanced forms of MFA offer either greater security or greater convenience. It's common for high-profile users such as CEOs, CFOs, etc to have advanced forms of MFA. These licenses typically add $10 -$15 per month per user account.

For example, a conditional access policy may allow you to bypass MFA if you are working on a corporate-owned device that is connecting from inside a corporate network.

An Azure Active Directory P2 license uses machine learning to allow or deny access based on the risk of the sign-on.  If an account typically signs on at 8 AM from Columbus OH and one-day logs on at 1 AM from California more MFA prompts are warranted. 

ed-hardie-xG02JzIBf7o-unsplash

MFA setup costs

Basic MFA implementation projects can cost as little as a few hundred dollars to several thousand. Cloud-only applications such as Office 365 are easy to protect with MFA. Most advanced licenses or configuring for executive convenience add slightly to the cost. Older applications running on servers at the office are more time-consuming to configure if they support MFA at all.  

Some companies can send out a series of emails and reach 95% of employees self registering for MFA. Some companies require 30-60 minutes per person to walk people through configuration.

Training and maintenance costs
  • Group 298

    Training and support costs after the initial setup are minimal.

MFA products and information

Here's a reading list of some of the more popular MFA concepts and products. Otka and Azure AD SSO are more than just MFA but are included here as the next leap forward from MFA.

Want to find out what it would cost to implement MFA for your business? Schedule a call with us.
MFA For Your Team

Go to our guide to cyber security for small business