WatchGuard Blog

Identity Management and Risk Authentication: Core Zero-Trust Technologies for Any MSP

In a dynamic world, where user mobility impacts security almost 100 percent of the time, multi-factor authentication (MFA) has become imperative and key to deploying a zero-trust network. Why? Users are connecting to company resources from different, unprotected networks Working hours have become more flexible, so they could be working from early hours to late evenings Devices could have been shared with other family members And this all means attackers will try to exploit this new world of possibilities. MSPs can no longer rely on network perimeter-centric security structures.

The increasing adoption of Cloud and remote access means that businesses need to enable secure access to their users (employees, contractors, partners) regardless of the location, network, or device. MFA is not the only solution you need to deploy a zero-trust security structure as part of your portfolio stack, but identity and access management certainly are core technologies that your business needs to implement to get on the right path to embracing the “never trust, always verify” approach.

MFA and Risk Authentication Equal Optimized User Management Risk-based authentication takes risk factors into account when performing an authentication decision. It goes beyond static authentication, allowing administrators to create rules that can modify the authentication behavior, sometimes making it easier if the risk is low; or asking for additional steps to ensure this is the right user, and blocking the access if the risk is too high, even if the user provided a correct one-time password (OTP).

Without risk policies in place, your company would need to enable the most secure authentication method at all times, for all users, potentially causing user friction for some segments. 

Read full article in MSSP Alert >

Share this: