By Jon Griffin Posted January 10, 2018
Digital security is a major area of importance in the modern enterprise. With large organizations like Target, LinkedIn, and Yahoo all being breached recently (CNN), IT admins have the security of their company at the front of their mind. One thing that many security breaches have in common is that they often begin with an identity compromise. There are many ways to compromise an identity and, because it almost completely depends on the actions of the end user, IT admins can only do so much. However, IT isn’t helpless either. One of the most important steps in identity security that an IT organization can take is implementing multi-factor authentication (MFA). The challenge though with most MFA implementations is that they are difficult and time consuming to set up. Could an outsourced MFA solution integrated with a cloud identity provider make it easier on IT admins?
The Emergence of MFA
To understand the effectiveness of outsourced MFA, it’s important to understand how the concept of MFA developed. The idea behind MFA was to add a physical element to the password that, combined with a standard password, would be much harder to compromise. Essentially, a user leverages something that they know (their password), along with something that they have (a token) to gain access to an IT resource. By using both authentication mechanisms it becomes far more difficult for a hacker to compromise an identity.
This approach has been around for a number of years, but it has never really been easy or smooth to implement. IT admins needed to purchase another identity management platform, and connect that with the core identity provider which was usually Microsoft Active Directory®. Then, they needed to change the workflow for their users by giving them a hardware token. This setup would add complexity and costs to the organization.
Moving Away From Hardware
With the emergence of smartphones, hardware tokens could be shifted to software applications that generated a unique code. This made life easier on the end user, because there was no longer a need to carry around extra hardware for a key. Not long after, the on-prem MFA solutions started to give way to outsourced MFA platforms integrated within the identity provider. This meant less complexity for admins, and less on-prem equipment.
This new approach benefited both the admins and their end users. IT admins could simply turn on MFA functions within their cloud directory service, and end users only needed to download an authentication application such as Google Authenticator. No longer was there a need to manage on-prem equipment, or worry about losing a token. Thus, the outsourced MFA method caught on. However, this still required admins to add another layer onto their Active Directory instance, maintaining some of the complexity of managing multiple tools in different locations.
Outsourced MFA From JumpCloud
Fortunately, MFA is taking another step forward with JumpCloud’s Directory-as-a-Service® (DaaS). Because we operate as the identity provider and the MFA provider, there is no need to manage multiple areas of software to implement MFA. It’s all done from one place with the DaaS admin dashboard. In addition, this outsourced MFA approach can be leveraged for Mac and Linux machines, and the web portal for single sign-on access to applications. IT admins don’t need to implement another piece of enterprise hardware and software, or deal with the integration steps with the on-prem identity provider.
With an easy to implement cloud approach to MFA, IT admins can dramatically step up their identity security. To discover more about JumpCloud’s outsourced MFA offering, make sure you reach out to us. Our team would be more than happy to answer any of the questions that you might have about MFA, or the rest of our platform. You can also sign up for a demo of the cloud-based directory to see the tool in action. Finally, if you would like to test the Directory-as-a-Service platform out for yourself, make sure you sign up for a free account. We offer all accounts 10 free users forever, period. No credit card required or anything. Check out the centralized cloud directory and outsourced MFA offering today!