Step Up Security: Multi-factor Authentication (MFA)

By Vince Lujan Posted December 10, 2019

Step Up MFA

One of the most significant steps that an IT organization can take to step-up security is adding multi-factor authentication (MFA). Let’s take a closer look at MFA and how it enhances IT security. 

The Rise of MFA

The concept of MFA has been gaining popularity over the last few years. The perspective amongst IT admins is quickly shifting from the perspective of MFA from that of a “nice to have” tool to a “need to have” solution — and rightly so. 

With so many websites hacked on a daily basis, compromised user credentials are common. Relying on a single authentication factor, especially an end user password, is simply asking for trouble. 

Fortunately, the solution to this problem is relatively simple. MFA leverages two or more authentication factors. As a result, user authentication remains secure even if one set of credentials are compromised. 

MFA has proven to stop an array of phishing attempts and brute force bot attacks. Analysts argue that many of the most significant breaches in recent memory could have been prevented with MFA. 

How Does MFA Work?

By using multiple authentication factors, admins create multiple layers of security. It’s effective because the authentication factors are mutually exclusive, meaning that compromising one doesn’t compromise the other. 

For example, the most common implementation of MFA leverages the core user password in addition to a numerical TOTP key via the user’s smartphone. As a result, a bad actor would need to compromise the core user identity in addition to the user’s MFA token.

Challenges with MFA

Unfortunately, enterprise-grade MFA solutions have been relatively difficult to implement and maintain. Historically, MFA layered on top of traditional directory services implementations such as Microsoft® Active Directory® (AD) or OpenLDAP, two on-prem identity management solutions. 

The good news is that a next generation cloud directory services platform has emerged that offers MFA functionality as a feature of the overall platform. JumpCloud® Directory-as-a-Service® delivers MFA for systems, applications, and networks without anything on-prem.

How MFA Works with JumpCloud

JumpCloud’s approach to MFA includes device level 2FA for Mac® and Linux® machines. It is also possible to enable it on the JumpCloud user portal which is the access point to many web applications. Both the system-level and app-level MFA provide significant benefits to IT admins. 

We also have a video that demonstrates this process on a Linux system. JumpCloud’s MFA platform can leverage TOTP generators such as Google Authenticator or Duo Mobile

Step Up Security with MFA

If you would like to learn more about how you can step-up security with multi-factor authentication, drop us a note. We can walk you through how we can help. Alternatively, feel free to give our MFA capabilities are try for yourself by signing up for our cloud identity management platform. Your first 10 users are free forever.

Vince Lujan

Vince is a writer and videographer at JumpCloud. Originally from a small village just outside of Albuquerque, he now calls Boulder home. When Vince is not developing content for JumpCloud, he can usually be found doing creek stuff.

Recent Posts