By Zach DeMeyer Posted August 18, 2019
Recently, Google announced they would be distributing one of their newest security products, dubbed Titan, to Canada, Japan, France, and the UK in a big global move. In the wake of the announcement, some wonder what is Google Titan? Let’s explore the product together.
What is Google Titan?
Google Titan is a hardware security key that can be used for two-factor authentication (2FA). They are designed to work with a number of browsers, and are compatible with Google’s Advanced Protection Program. Google describes these USB/Bluetooth keys as a “phishing resistant” solution that works with services supporting FIDO (Fast IDentity Online) standards.
In practice, they are very similar to other options available, Yubikey being one of the more prominent examples. Titan, of course, is more tailored towards uses with Google’s Cloud Identity. It can also be leveraged to authenticate to a number of third-party web applications as well.
Problems with Titan
In an era where identity security is paramount, using 2FA security keys like Titan is an excellent way to prevent attacks. In fact, according to Google’s own report on 2FA basics, security keys prevent 100% of account takeovers. Like with many of Google’s solutions, the tech giant has gone through certain lengths to promote the security uses for the Titan product.
A major drawback of Titan, however, is that unlike Google Authenticator, a free application that generates time-based one-time passwords (TOTP) for 2FA, people need to buy Titan to use it. Google Authenticator and other prompted device-based 2FA methods also fared well in Google’s 2FA basics report. Beyond that, they need to learn how to integrate and use them with their web apps as well as protect the physical key from theft.
Additionally, like we said earlier, these keys are limited only to browser-based resources. This means that systems, networks, and on-prem apps are left out, requiring another service inorder to implement 2FA across them. IT admins need their 2FA/multi-factor authentication (MFA) tooling to be able to be spread across most, if not all of these resources.
MFA from the Cloud
JumpCloud® Directory-as-a-Service® is the world’s first cloud directory service, enabling IT admins to manage their users and their access to systems, applications, networks, infrastructure, file servers and more. Organizations can use JumpCloud to allow their end users to employ a single set of credentials to authenticate to all of these resources. This includes the ability to enable TOTP-based MFA for many of these resources, all in just a few clicks from the browser-based Directory-as-a-Service admin console.
JumpCloud’s security features extend beyond MFA. IT organizations can use JumpCloud to enforce full-disk encryption (FDE), and more across entire Windows® and Mac® system fleets. Admins can also create password complexity and rotation settings to ensure that their end users’ set of JumpCloud credentials are secure, along with the use of MFA. Directory-as-a-Service also features a complete integration with G Suite™, meaning organizations can sync their existing G Suite users and simplify further changes by managing them through JumpCloud.
Try JumpCloud Free
While Google Titan is an excellent way to enforce secure 2FA, IT organizations can also rely on JumpCloud to provide MFA across a broader range of resources on top of comprehensive identity and access management from the cloud. Sound right up your alley? You can schedule a free personalized demo and see the JumpCloud product in action. If you would like, you can also sign up for JumpCloud and gain full access to Directory-as-a-Service for free for your first ten users.