Zoho Corporation subsidiary ManageEngine has announced that its self-service password management and single sign-on (SSO) solution known as ADSelfService Plus now supports multi-factor authentication (MFA) for Virtual Private Networks (VPNs), protecting them from unwanted and unauthorized access.
ADSelfService Plus — which is an integrated Active Directory SSO and password management solution — offers password self-service, expiration reminders, and a multi-platform password synchronizer for enterprise applications. Its Android and iOS apps allow for self-service facilitation for end users regardless of where they are.
The ongoing COVID-19 pandemic has led to a dramatic rise in remote working over the past several months, which in turn has led to an increased reliance upon remote authentication and network security. VPNs in particular now have more of a need than ever for the enhanced security that many security experts agree MFA brings.
A recent rise in hacking attacks during the outbreak has placed even greater emphasis on MFA, with biometric authentication being highlighted by many as the best solution to ensure the safety of VPNs in a time when they find themselves in the crosshairs of hackers.
“VPN gateways are directly accessible through the internet and are prone to brute force and other types of attacks [and] relying on credentials alone to protect VPN access to vital resources could result in immeasurable losses,” said Parthiban Paramasivam, Director of Product Management, ADSelfService Plus. “Implementing MFA for VPNs ensures that employees have a second layer of defense even if their credentials are compromised. ADSelfService Plus presents a MFA solution that is both secure and easy to use for employees.”
With this latest update, ADSelfService Plus now supports a number of various biometric authentication options, including fingerprint and facial recognition, while also supporting other forms of MFA such as Yubikey OTP, Google Authenticator and Microsoft Authenticator.
Additionally, it encourages strong password hygiene, with policy rules preventing the use of dictionary words, palindromes, and commonly used patterns such as 1234, asdf, and qwerty.
September 1, 2020 – by Tony Bitzionis