Multi-factor authentication, MFA, 2FA, TOTP sign in, or whatever you wish to call it, is taking a hold on the IT security marketplace. It’s for good reason, too; adding another time-sensitive layer to the login process reduces the chances of identity compromise by 80% (Symantec). While there’s no doubt that adding MFA improves security, IT admins struggle with enforcing it with their end users. Because of the extra time it takes to login, many end users dislike it, and will often not set it up when IT asks. JumpCloud has taken this consternation into consideration, with our new MFA enrollment period feature to help assist IT admins with getting it adopted. But first, what is an MFA enrollment period?
MFA Enrollment Periods
When it comes down to brass tacks, requiring MFA across an enterprise is one of the most impactful improvements an IT admin can make to their organization’s network security. It’s remarkable how taking the extra few seconds to utilize a time-based one-time password (TOTP) as a secondary credential can stop many a would-be hacker in their tracks. In a day and age where business transactions can be done in seconds, however, every moment is crucial. The time-sensitive nature of the modern workplace has been one of the biggest detractors to MFA, despite its track record of improving security protocols.
An MFA enrollment period is a configurable time limit on the enforcement of multi-factor authentication for a user account. Given the hesitancy of many towards MFA, the enrollment period gives users a chance to warm up to the MFA process before it becomes a requirement. By allowing IT admins to set a window in which end users can choose to put off their MFA until it becomes a requirement, time that would be spent hounding employees to enable MFA can be used for more important things. End users can also ask questions and learn about why MFA is so valuable to them personally.
A New Addition to the DaaS Suite
MFA enrollment periods for the JumpCloud User Console are one of the newest additions to Directory-as-a-Service. Now, (Read more...)