Why Every Mac Needs MFA / 2FA

By Rajat Bhargava Posted July 20, 2016

Apple Macs are the platform of choice for individuals and organizations.

What about Windows? We went from 97% of computing devices running Microsoft Windows in 2000 to to less than 20% today [Forbes]. Microsoft has faced challengers from all sides, including Linux, Chromebooks, and mobile / tablet operating systems such as Android.

But the Mac is leading the pack.

macs-family-mavericks

Whether Macbook, Mac Mini, or iMac, Apple devices running Mac OS X have become the platform of choice at organizations across the world. Macs are easy to use, high performance, and – generally speaking – secure.

But Macs Still Need to be Protected

Macs haven’t been the target of viruses much in the last few decades, but that’s changing as they become more prevalent.

They’re also often the target of theft, especially Apple’s fleet of sleek mobile devices, including Macbook laptops. Whenever a device is mobile, they are at risk of being stolen and then hacked.

macbookair_fam_side

There’s one technique to cut the risk of a compromised Apple Mac: multi-factor authentication (a.k.a. MFA, two-factor authentication, or 2FA).

The Password Problem

Improve_network_security-01-45ae90c34a8cf0dfeebbb35d88826dd3

Passwords to protect devices are nothing new. Users have leveraged their password for entry into their Mac for many years. In fact, with so many apps and websites, the average internet user now has 25 online accounts requiring passwords [Halock].

The challenge for your IT department is in making sure that the passwords in use at your organization remain safe. This is particularly tricky considering the rampant reuse of passwords across devices and platforms.

It’s all made worse by the fact that identities / credentials / passwords have become the single most sought after digital asset by hackers. In this day and age, if you have the login credentials, you have “the keys to the kingdom.”

A compromised machine is even worse. It is often logged in to many services both within a company’s network and on the Internet. Those can then be immediately compromised and the chain unravels.

But this can be decisively prevented. The most significant protection to any user account is to add multi-factor authentication – or two-factor authentication as it is commonly referred to.

Better Mac Security through MFA / 2FA

Password_complexity-74d39b5592ea13634b4fa807038bc21a

MFA is an extra box on your login screen (or in many cases an extra screen). You enter a pin code – usually a set of numbers – that has been either sent to your smartphone or generated on it.

Google Authenticator is one example of an application that generates these tokens.

Combined with the username and password, your pin gains you entry to your Mac device. If you only have one or the other, you cannot login. By adding a simple pin that is generated by your smartphone (something you have) and combining that with something you know, it is virtually impossible for a hacker to compromise your account. A stolen laptop or laptop left open at a coffee shop while you grab your coffee is less at risk of a compromise – we’d argue alongside full disk encryption, the chances of a hack are slim.

Mac management with Directory-as-a-Service

How to Get MFA on Macs

mfa_solutions_icon-956558376ec91b711e76651c2c8190c0

Mac MFA technology is available to you from JumpCloud. Our Directory-as-a-Service® platform is a core authentication, authorization, and device management platform. Along with those capabilities, we have added multi-factor authentication to Macs and Linux devices. For your applications, you can add multi-factor auth to the JumpCloud portal. Adding MFA capabilities ensures that you are stepping up your security. Here’s the “How to” guide.

Drop us a note if you would like to learn more about how to step up your Mac device security with multi-factor authentication. Combined with our cloud-based directory service, you can step up your identity management security and device security at the same time. Feel free to give our Mac MFA a try with our free account. Your first 10 users are free forever.

Rajat Bhargava

Rajat Bhargava is co-founder and CEO of JumpCloud, the first Directory-as-a-Service (DaaS). JumpCloud securely connects and manages employees, their devices and IT applications. An MIT graduate with two decades of experience in industries including cloud, security, networking and IT, Rajat is an eight-time entrepreneur with five exits including two IPOs, three trade sales and three companies still private.

Recent Posts