Outsourced MFA (Multi-Factor Authentication)

Digital security is a major area of importance in the modern enterprise. With large organizations like Target, LinkedIn, and Yahoo all being breached recently (CNN), IT admins have the security of their company at the front of their mind. One thing that many security breaches have in common is that they often begin with an identity compromise. There are many ways to compromise an identity and, because it almost completely depends on the actions of the end user, IT admins can only do so much. However, IT isn’t helpless either. One of the most important steps in identity security that an IT organization can take is implementing multi-factor authentication (MFA). The challenge though with most MFA implementations is that they are difficult and time consuming to set up. Could an outsourced MFA solution integrated with a cloud identity provider make it easier on IT admins?

The Emergence of MFA

outsourced mfa

To understand the effectiveness of outsourced MFA, it’s important to understand how the concept of MFA developed. The idea behind MFA was to add a physical element to the password that, combined with a standard password, would be much harder to compromise. Essentially, a user leverages something that they know (their password), along with something that they have (a token) to gain access to an IT resource. By using both authentication mechanisms it becomes far more difficult for a hacker to compromise an identity.

This approach has been around for a number of years, but it has never really been easy or smooth to implement. IT admins needed to purchase another identity management platform, and connect that with the core identity provider which was usually Microsoft Active Directory®. Then, they needed to change the workflow for their users by giving them a hardware token. This setup would add complexity and costs to the organization.

Moving Away From Hardware

With the emergence of smartphones, hardware tokens could be shifted to software applications that generated a unique code. This made life easier on the end user, because there was no longer a need to carry around extra hardware for a key. (Read more...)

*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Jon Griffin. Read the original post at: https://jumpcloud.com/blog/outsourced-mfa-multi-factor-authentication/

Jon Griffin

Jon Griffin works as a writer for JumpCloud, an organization focused on bringing centralized IT to the modern organization. He graduated with a degree in Professional and Technical Writing from the University of Colorado Colorado Springs, and is an avid learner of new technology from cloud-based innovations to VR and more.

jon-griffin has 169 posts and counting.See all posts by jon-griffin