Security specialist Centrify announced MFA Everywhere, an initiative aimed at securing enterprise identities against compromise, one of the most prevalent sources of cyber-attacks.
A single turnkey platform provides options for authentication factors, for adaptive multi-factor authentication (MFA) across enterprise identities and assets.
"Password-based security has failed. In 2014, billions of passwords were compromised. In 2015, millions more were added to that total," Chris Webber, security strategist for Centrify, told eWEEK. "It’s safe to say that the attackers have all of our passwords. We need something more between them and our sensitive data."
Webber explained that by requiring multiple factors for access Centrify makes it much harder for attackers.
"Today, attackers have no problem compromising passwords – whether by social engineering tactics that trick folks into giving the password up, or by brute-force password cracking with powerful computers," he said. "With MFA in place, those passwords are no longer enough for attackers to gain access."
The Centrify Identity Platform supports a range of enterprise resources, including thousands of software-as-a-service (SaaS) applications, on-premises applications, server operating systems as well as virtual private networks (VPNs) and network devices.
Additionally, it supports MFA for privileged command execution and secure shell (SSH) access to servers deployed both on-premises and in an infrastructure-as-a-service (IaaS) environment.
"MFA is not new, and businesses are well aware of the advantages it can provide for security," Webber said. "But since MFA was typically an all-or-nothing proposition that was cumbersome for end users, businesses have typically only deployed small islands of MFA, for their most secure applications, or the most privileged users."
He explained that with adaptive MFA, and context-based policy – companies can now eliminate the user hassle typically associated with MFA, noting that with a platform that spans cloud, on-premises an mobile, Centrify can finally deploy MFA across their resources, and their users.
Centrify can bolster security with additional factors including push notification, voice call, text message, soft token OTP, mobile biometric and OATH-compliant tokens.
"As users become ever more mobile, and applications and infrastructure continue to move to the cloud, traditional perimeter security will become less effective," Webber said. "As we move outside the legacy security perimeter, we need to rely on a new kind of policy – one based on identity – to assure the right folks have the right access. MFA is critical to that new policy, as it makes it much harder for attackers to gain access by posing as legitimate users."