JumpCloud Webinar: How to Secure Identities and Devices Across a Remote Workforce Register today

Step Up Security: Multi-factor Authentication (MFA)




One of the most significant steps that an IT organization can take to step-up security is adding multi-factor authentication (MFA). Let’s take a closer look at MFA and how it enhances IT security. 

The Rise of MFA

The concept of MFA has been gaining popularity over the last few years. The perspective amongst IT admins is quickly shifting from the perspective of MFA from that of a “nice to have” tool to a “need to have” solution — and rightly so. 

With so many websites hacked on a daily basis, compromised user credentials are common. Relying on a single authentication factor, especially an end user password, is simply asking for trouble. 

Fortunately, the solution to this problem is relatively simple. MFA leverages two or more authentication factors. As a result, user authentication remains secure even if one set of credentials are compromised. 

MFA has proven to stop an array of phishing attempts and brute force bot attacks. Analysts argue that many of the most significant breaches in recent memory could have been prevented with MFA. 

How Does MFA Work?

By using multiple authentication factors, admins create multiple layers of security. It’s effective because the authentication factors are mutually exclusive, meaning that compromising one doesn’t compromise the other. 

For example, the most common implementation of MFA leverages the core user password in addition to a numerical TOTP key via the user’s smartphone. As a result, a bad actor would need to compromise the core user identity in addition to the user’s MFA token.

Challenges with MFA

Unfortunately, enterprise-grade MFA solutions have been relatively difficult to implement and maintain. Historically, MFA layered on top of traditional directory services implementations such as Microsoft® Active Directory® (AD) or OpenLDAP, two on-prem identity management solutions. 

The good news is that a next generation cloud directory services platform has emerged that offers MFA functionality as a feature of the overall platform. JumpCloud® Directory-as-a-Service® delivers MFA for systems, applications, and networks without anything on-prem.

How MFA Works with JumpCloud

JumpCloud’s approach to MFA includes device level 2FA for Mac® and Linux® machines. It is also possible to enable it on the JumpCloud user portal which is the access point to many web applications. Both the system-level and app-level MFA provide significant benefits to IT admins. 

We also have a video that demonstrates this process on a Linux system. JumpCloud’s MFA platform can leverage TOTP generators such as Google Authenticator or Duo Mobile

Step Up Security with MFA

If you would like to learn more about how you can step-up security with multi-factor authentication, drop us a note. We can walk you through how we can help. Alternatively, feel free to give our MFA capabilities are try for yourself by signing up for our cloud identity management platform. Your first 10 users are free forever.


Recent Posts
PCI DSS requires that environmental event reports are readily available. JumpCloud provides deep holistic event reports at the ready.

Blog

PCI DSS Part 3: Monitoring & Reporting

PCI DSS requires that environmental event reports are readily available. JumpCloud provides deep holistic event reports at the ready.

Need more than Google Cloud Identity? Learn how to centrally manage identities not just for Google services but also for all IT resources.

Blog

Cloud IAM Feature — Google Cloud Identity

Need more than Google Cloud Identity? Learn how to centrally manage identities not just for Google services but also for all IT resources.

Traditional GPOs served IT admins well for a time, but now struggle with modern infrastructure, resources, and remote work. Find a hosted GPO option here.

Blog

Hosted Group Policy Objects (GPOs)

Traditional GPOs served IT admins well for a time, but now struggle with modern infrastructure, resources, and remote work. Find a hosted GPO option here.