There are no barriers to implementing MFA, no matter what your requirements are.
Information security officers deal with compromised tools/stolen passwords through phishing and/or employee negligence or face regulatory requirements for secure employee access to internal systems, e.g. remote access to PCI data.
There are also operations managers struggling with password fatigue (e.g. dealing with multiple different passwords for different systems/identities, which leads to substandard practices such as use of weak passwords). They also deal with a higher than optimal number of calls to the help desk for password resets which results in increased costs.
MFA can apply to all organizations. There is no barrier to MFA – large and small organizations can find affordable solutions that are secure and easy-to-use.
It’s costing your organization more not to implement MFA. Think about how many password reset help desk tickets come in a day. This is an easy place to cut costs.
MFA doesn’t have to be a pain. You have choices; the selections on the market can satisfy your security needs and the needs of your users.
Impact and Result
Short term: Learning new processes can take a little bit of time, but end users will adapt to the changes with the right solutions, and authentication will be streamlined.
Long term: Efficiency will be more apparent with fewer help desk tickets, which subsequently means less end-user time wasted waiting for password resets, etc. You’ll also experience increased security overall in the long term thanks to the added authentication component.