By Ryan Squires Posted September 11, 2018
Identity security is arguably the number one network security issue that IT admins face daily. A recent study claimed that compromised identities represent the top reason for security breaches. While the problem can appear daunting, tools exist to help mitigate the risk of compromised identities like multi-factor authentication (also called MFA, two-factor authentication or 2FA).Fortunately, a new generation of identity management capability for multi-factor authentication delivered from the cloud aims to reduce the chances of an identity security breach.
MFA – Something you Know, Something you Have
MFA basically means that users have to enter more than one factor for authentication to gain access to a particular IT resource. A second factor for authentication appeals to IT admins who seek to thwart hackers, and for good reason, because it requires users to leverage something they know (i.e. a username and password) along with something they have (e.g. a token generated by their smartphone). With MFA enabled, it becomes extremely difficult to compromise a user identity or account because hackers are forced to crack a password as well as gain access to a physical device often kept in a user’s pocket.
In practice, remote hackers attempting to gain access to MFA-protected accounts are negated because they simply do not have access to the smartphone and authenticator app linked to that specific account. And, even if they did, they’d have to correctly guess the screen lock pin. Good luck with that; smartphones can be programmed to lock after a certain number of failed attempts or can even be wiped remotely. In short, the identity management capability to lock down user accounts via multi-factor authentication makes hackers lives much more difficult.
Multi-factor at System and App Level
Forward-leaning IT organizations leverage MFA/2FA whenever possible at both the system and application level to keep hackers and bad actors where they’re supposed to be—on the outside. MFA on both levels ensures a much higher level of security than passwords alone. The challenge for IT admins, however, has been the implementation of multi-factor authentication with legacy identity providers and identity management solutions because it can get quite expensive to implement.
A new generation of cloud identity management capability for MFA is included in the modern IAM solution, JumpCloud Directory-as-a-Service®. In fact, IT admins get the ability to implement MFA at the system level on Mac® and Linux machines as well as the application layer via the JumpCloud user and admin portals. Further, MFA capabilities are included with the entire cloud directory services platform in addition to centralized user management, True Single Sign-On™, cloud RADIUS, hosted LDAP, system management with GPO-like policies for Mac, Linux, and Windows as well as much more.
Learn More about JumpCloud and MFA
If you’d like to learn more about how the identity management capability: multi-factor authentication can help to make your organization more secure, please do not hesitate to drop us a line or schedule a demo. Check out our video below to see how to setup MFA on a Mac system.