In Blog, Mac Management, Multi-Factor Authentication (MFA)

Lock down your deviceMFAThere has been this interesting movement over the last few years where pundits and analysts proclaim the death of the computer.

Basically, the thought process is that the cloud is doing away with the smart computer. It will be replaced with a ‘dumb terminal’ that just needs to connect with to the Internet. Chromebooks are in this vein and so was the Oracle thin client computer from the 2000s.

The problem with this theory is that it hasn’t held up. In fact, people are buying more computers, smartphones, and tablets than ever. The issue is actually a different one.

The Real Device Trend at Play

screenshot-docs.google.com 2016-07-15 14-47-50

The more pressing question for enterprise is this: how you can lock down your devices and enable users to leverage the cloud from anywhere?

Laptops are no longer behind the firewall – they are utilized everywhere from home, coffee shops, on the road, and elsewhere. These machines are subject to the open Internet and are touching more websites than ever before. That means more chances for a breach.

icon-device-management-40bdeeefaf556edaad1b23caad0c4792The device management game has undergone major changes as the shift to WiFi and the cloud has introduced new security risks and rewards.

While there are a number of ways that organizations should protect their Mac, Windows, and Linux machines including anti-malware software and full disk encryption, we are going to focus on one area for the popular Mac OS X platform: multi-factor authentication or MFA / 2FA in short.

MFA for Devices

icon-password-complexity-management-12987c580b493c5b6ee67c7ad3a0600cMulti-factor auth means that there is a second item that the user is required to enter when logging into the device. So, when you log into your Mac laptop or desktop machine, you’ll enter your username, password, and then a token generated by your smartphone.

This is a significant level up of the security of the device. If a device is lost or stolen, the hacker would not be able to crack the password and log in. They would also need your phone. This makes life a lot more difficult for would-be hackers and improves enterprise security exponentially.

MFA is a Critical Security Feature

As we know, our laptops and desktops aren’t thin client computers. They have sensitive data on them. Even with organizations and users leveraging the cloud, source code is developed on machines, customer lists are saved on the computer, and employee data is manipulated in Excel on a Mac.

Maybe some day the prognosticators will be proven right and most computers will be ‘dumb terminals’ that leverage IaaS. But that hasn’t happened yet and it won’t happen for years into the future. The reality is that the device matters a great deal and locking it down it critical.

MFA is one of the strongest methods to secure a person’s Mac device.

Multi-Factor Authentication for Mac OS X

mfa_solutions_icon-956558376ec91b711e76651c2c8190c0Okay so how do you manage your Macs in the enterprise and implement MFA on all Macbooks and iMacs?

Mac MFA capabilities are provided as a part of JumpCloud’s Directory-as-a-Service® platform.

JumpCloud’s cloud-based directory service is a central user management system that helps IT admins connect user identities to the IT resources they need including systems, applications, and networks. As a part of our systems user and device management capabilities, JumpCloud offers Mac 2FA capabilities.

If you would like to learn more about how you can lock down your Mac devices through MFA, we have a step-by-step guide in our knowledge base on how to enable MFA for Mac OS X.

If you want to get your hands on JumpCloud’s innovative Directory-as-a-Service, you can give it a try. It’s easy to get started and your first 10 users are free forever.

 

Recent Posts