Multi-factor Authentication Solutions

The simplest, most effective way to make sure users are really who they say they are

Multi-factor authentication protects against phishing, social engineering and password attacks, securing your logins from attackers looking to exploit weak or stolen credentials.

What is Multi-factor authentication?

Multi-factor authentication (MFA) is a two step verification process, which is designed to strengthen security, by not only requiring a password and username, but also an item a user has on their person, such as a smartphone app to approve authentication requests.

Man and woman in office holding tablet with Wi-Fi

Why do I need Multi-factor authentication?

With employees working from anywhere protecting your endpoint devices against cyber security threats is becoming more difficult. With passwords being used across multiple sign-ins, both corporate and consumer the danger of shared or leaked passwords being able to access your corporate environment are real.

Multi-factor authentication (MFA) is an essential piece of security for all businesses, required to increase the security of your organisation and for meeting compliance requirements. By implementing MFA, you can help secure your company’s assets, data, and accounts. It is especially important if you remote workers, privileged users, or employees that access corporate resources on their laptops.

Why use EBC Group for MFA?

EBC Group provides the best in IT cyber security and Multi-factor authentication solutions. We partner with several suppliers for MFA, including Watchguard’s AuthPoint which replaces complex deployment with simplified Cloud-based MFA that provides optimised user management and protection anytime, from anywhere.

We can integrate your MFA with our other our intrusion prevention technology, to provide protection against network threats, in addition to offering the latest and most advanced filtering systems and anti-spam for your endpoints and network firewalls. We can also provide you with a full back-up and disaster recovery solution.

Features and benefits

Push notifications

Verify your identity by approving a push notification from a mobile app on your smartphone or other item.

Security tokens

Using a hardware or security token, such as a smart card, a passcode is generated that you must type into your two-factor prompt.

TOTP

Similar to SMS, a two-factor authentication app generates a new, unique passcodes. These are known as one-time passcodes (TOTP).

U2F Device

Universal 2nd factor (U2F) uses an authenticator (USB hardware device) and a server. A user authenticates by tapping the device inserted into their computers USB device.

Phone call-backs

This method calls your phone and waits for you to pick up and press any key to authenticate before allowing access.

SMS Passcodes

A unique passcode is sent to your phone, via SMS that you must type into your two-factor prompt.

WatchGuard AuthPoint

AuthPoint implements multi-factor authentication (MFA) using the AuthPoint app. Any external login attempt creates a secure push notification to the user’s smartphone, which shows who and from where someone is trying to authenticate a login. When this message is part of the users own login process, they simply accept and quickly gain access to the authorised network resources and Cloud apps. If the authorisation attempt fails it will cause hackers to be blocked from gaining access – even when they are using the correct credentials.

Multi-factor authentication – FAQs

SMS-based verification is less secure than other methods because it is vulnerable to hijacking. It is acceptable as a back-up method since using multiple factors of authentication will always be stronger than using just one layer of protection. However, SMS-based authentication should not be the primary or default method used. If it is, look elsewhere.

A good user experience is critical to ensure successful MFA adoption. If end users feel that the particular solution impedes productivity and prevents them from accessing the resources they need, it will not work. Ask the service provider to walk you through the user experience and question any parts that you predict will frustrate your employees (e.g. certain hardware tokens that are easily lost or forgotten). Ask the service provider if there are features that help with end-user adoption or if they have any recommendation on gaining end-user adoption.

If you have employees that travel for work and that need to access their laptops while on the airplane, you’ll need to ensure that your chosen MFA solution supports offline authentication. There are other instances, such as when you are connecting to hotel Wi-Fi or public Wi-Fi or when an Internet connection is spotty, in which offline authentication is required. Ask the service provider about offline authentication options and be sure that their solution is easy, secure, and doesn’t require  helpdesk connections.

Web single sign-on not only makes the solution easier for the end user, but also makes it more secure. It’s essential that Web SSO into Cloud applications is supported by any MFA solution you are considering. If your company uses many different Cloud applications and each of those apps require users to sign in and create passwords, then the user experience becomes very complex. It also means employees will need to reset their passwords more often and may require helpdesk support more often. This can be avoided with single sign-on, which enables users to sign on just once to access all their Cloud  applications. This ultimately provides a better user experience and is an important motivation for user adoption.

 

Our Clients

Success Story

Talbots Law makes significant investment in digital transformation

Director in data centre next to server

Arrange a FREE IT Audit for your business

Get your free consultation

Partners and Accreditations

BT logo
Canon partner logo
Dell EMC logo
Microsoft Silver Partner Banner
Swyx logo
Xerox re-seller logo
M-Files partner logo
VM Ware logo
Veeam logo
Xirrus logo
Cyber essentials plus logo