|4 Things You Might Not Know About Multi-Factor Authentication
- Security is fast becoming the primary area of Technology focus for IT departments, due in a large part to the dramatic rise in cyber security adverse events and their growing sophistication and complexity.
- Security measures that were not long ago, regarded as “a luxury”, are now almost a mandatory requirement for all businesses, big and small.
- Multi-Factor Authentication, or MFA for short, is an additional layer of authentication which relies on the user possessing a physically separate device, to prove identity. The most common incarnation of MFA is for Users to accept or deny an authentication challenge sent to their phone.
- XSTRA has invested a lot of time in evaluating the many options for MFA. The result of our testing has led us to select AuthPoint by WatchGuard due to its flexibility, good reviews and great value.
| OVERVIEW: AuthPoint is an MFA solution with the advantage of NOT requiring Active Directory.
- This means it can be deployed in a range of Enterprise and SME scenarios, with or with-out Active Directory in play.
- If using Active Directory user names, then the user name set in AuthPoint has to match the Active Directory user name.
- This is because the only thing passed to AuthPoint when logging in on a machine that has the AuthPoint desktop client installed, is the User Name and it is the User Name that AuthPoint uses to send the MFA challenge to the AuthPoint application on a phone.
- For each Client AuthPoint is installed on every RDSH or VDI machine inside XSTRA’s data center infrastructure.
- AuthPoint is also installed on any Web gateways (RD Gateway or Citrix StoreFront)
| CLIENT EXPERIENCE
- Once a Client decides to rollout the AuthPoint solution they will need to determine if all Users will be subject to the AuthPoint MFA security requirements or will it only be used for a small set of Users.
- Users can by-pass the authentication challenge using their login name or a known IP address location effectively “whitelisting” the User in the AuthPoint portal
- For an effective rollout, all Users need to be added into the AuthPoint system and assigned an AuthPoint license. Registration and setup emails will be sent to each User from AuthPoint’s portal.
- The Client should set a go live date – which will be the date that AuthPoint is enabled and the is the same date by which all participating Users must have completed their registration and setup the AuthPoint app on their smart phone devices.
| USER EXPERIENCE
- Users are sent an email invite and the User pairs their AuthPoint account in the cloud with the AuthPoint app that will install onto their smartphone.
- When the user logs in they will recieve a push notification to the smartphone which they can accept or deny.
- If the User is connecting from a known location with a static IP address and XSTRA has whitelisted the IP address in AuthPoint, then the User will only be challenged by AuthPoint once per login event. All other login attempt types will incur 2 AuthPoint challenge events.
| XFORCE – Multi-Factor Authentication – Per User – Monthly – $9.90
- Powered by AuthPoint from WatchGuard
- Token Security
- Push Notifications and Time Based Tokens
- Supports QR Code Token setup
- Password Manager
- Hardware Token options
- MFA Support for:
- PC Login (Works with or without Active Directory or Azure joined devices)
- Office 365
- Supplied, Installed, Configured, Maintained, Managed, and Monitored by XSTRA
- 24/7 XCARE Support
- May reduce your Professional Indemnity or Cyber Security Insurance premiums
- Minimum Term: 12 months
- Tenant Creation and Ongoing Administration
- Covers device application installations and configuration on:
- Apple IOS mobile devices
- Android mobile devices
- Monthly Reporting to Clients on incidents
- Log file analysis and Alerts when breaches occur
- Licenses can be moved between Users
- Lead Time to complete initial rollout: Allow approx. 10 Days
Jun 24, 2022