Upcoming MFA Changes for ESS

Multi-Factor Authentication for ESS

In 2025, Multi-Factor Authentication (MFA) will be introduced for Employee Self Service (ESS) to enhance security compliance and protect sensitive information. This important update ensures adherence to the Australian Taxation Office (ATO) guidelines for accessing hosted payroll solutions. The ATO requires MFA enforcement for accessing payroll Personal Identifiable Information (PII). PayGlobal ESS supports this compliance, safeguarding sensitive data and reducing risks from cyberattacks.  Australian businesses with hosted payroll who haven't implemented Single Sign-On (SSO) will be required to adopt MFA.

More Ways to Securely Authenticate ESS:
MFA strengthens security through multiple verification methods, such as using an Authentication App or One-Time Password (OTP) via email. These advanced authentication methods significantly lower the risk of unauthorized system access.

Flexible Authentication Options:
Organizations can select Single Sign-On (SSO) for seamless integration or MFA for enhanced independent security. This flexibility ensures businesses can secure their systems based on their specific operational requirements.

Preparation 

 MYOB strongly recommends beginning preparations now to ensure a smooth transition when the changes take effect in 2025.

Preparation Steps for Customers: 

1. Evaluate Authentication Needs: Review current access methods and determine if Single Sign-On (SSO) integration or direct MFA setups will align with your organization's workflow. 

2. Educate Staff: Inform employees about the upcoming authentication changes and ensure they are familiar with MFA practice. 

3. Upgrade Systems: Verify that payroll and ESS systems support MFA and are compliant with ATO guidelines. 

4. Conduct a Security Audit: Validate current security practices and address gaps in authentication processes to meet compliance standards. 

For more details, refer to the ATO's DSP Operational Security Framework. Optional resources are also available for implementing SSO to comply with these security standards effectively.

These changes mark a significant move towards modern authentication and compliance, ensuring payroll data integrity while offering adaptable solutions for diverse organizational needs.