Two-factor authentication (2FA) is one of the top security features that MSPs (managed service providers) can offer their clients. The dramatic improvement in security helps both parties sleep at night. But sometimes, client organizations are wary of implementing 2FA. “Do I really need 2FA? Will it hamper employee productivity? Does it cost more than it’s worth?”
MSPs may also have their misgivings. 2FA might result in more help desk tickets — and enforcing it at scale across multiple organizations requires careful tooling to execute well. Below, we’ll explore why 2FA is such a critical addition to the MSP’s solution stack and how to enforce it across Mac®, Windows®, Linux®, apps, networks, and more.
2FA requires you to present two things upon login to a service: something you know and something you have (or are). Usually, the “something you know” factor consists of a username and password credential pair. The second factor, “something you have,” can be anything from a randomly generated token to a physical key or biometrics.
Regardless of what the second factor is, simply including an additional factor to the authentication process has remarkable effects on security. For example, Symantec found that 2FA could have prevented 80% of recent security breaches. Additionally, in their study of the efficacy of MFA, Google’s Security Blog found that a second factor is 100% effective at preventing account takeovers due to bot, brute-force, and even targeted attacks, depending on the factor used.
Enforcing 2FA at Scale
Although 2FA is highly effective for increasing security, IT admins without the proper tooling have a hard time enforcing 2FA at scale across an organization. Many end users see 2FA as a tedious extra step, and some feel that the additional time taken to authenticate isn’t worth the security benefits.
As such, even armed with a solution to enforce 2FA, admins need to drive end user adoption for 2FA for it to really be effective. For MSPs, this issue is multiplied across each client organization. MSPs are responsible for setting up their clients’ security measures, so they’ll (Read more...)