Multi-Factor Authentication (MFA)
Multi-Factor Authentication (MFA) is a security measure that requires users to verify their identity using two or more authentication factors before gaining access to a system. This adds an additional layer of protection beyond a username and password.
What are authentication factors?
MFA typically includes a combination of the following:
- Something you know (password or PIN)
- Something you have (mobile device, authentication app, or security token)
- Something you are (biometric verification such as fingerprint or facial recognition)
Why MFA is required
All systems that contain sensitive or financial information—especially banking platforms, payment systems, and databases with personal or donor information—must have MFA enabled. Passwords alone are not sufficient to protect against modern security threats.
Expectations for Crosspoint staff
- MFA must be enabled on all banking, financial, and high-security systems without exception
- Use an approved authentication method (authentication app preferred over SMS when available)
- Do not attempt to bypass or disable MFA for convenience
- Report any suspicious login attempts or unauthorized access immediately
Accountability
Failure to enable or maintain MFA on required systems places the organization at significant risk. Non-compliance may result in disciplinary action, up to and including loss of system access or further corrective measures.
MFA is a critical safeguard that helps protect the integrity of our systems, financial resources, and the personal information entrusted to us.