WatchGuard Technologies, a leader in advanced network security solutions, has unveiled AuthPoint – a cloud-based multi-factor authentication (MFA) solution designed for small and midsize businesses (SMBs).
The solution aims to support SMBs which have previously considered MFA to be out of reach due to cost, complexity and management issues. In fact, according to a new survey of IT managers and professionals conducted by independent market research firm CITE Research, 61% of respondents from companies with under 1,000 employees believe MFA services are reserved for large enterprises. WatchGuard’s AuthPoint addresses these authentication concerns by eliminating the complex integration processes, considerable up-front expenses and burdensome on-premises management requirements.
“We know that a massive portion of data breaches involve lost credentials and since cybercriminals target organisations of any size, MFA is now a prerequisite for all businesses,” said Alex Cagnoni, Director of Authentication at WatchGuard. “In the absence of MFA, cybercriminals can utilise a variety of techniques to acquire usernames and passwords, such as spear phishing, social engineering and buying stolen credentials on the dark web, to gain network access and then steal valuable company and customer data. With AuthPoint, we’re breaking down longstanding barriers between SMBs and MFA adoption with a solution that is affordable, easy to deploy, and vastly scalable – all of which is made possible by WatchGuard’s cloud-based approach to authentication.”
WatchGuard’s AuthPoint solution is a cloud service that can be deployed and managed from any location without the need for expensive hardware components. The service relies on WatchGuard’s AuthPoint app to facilitate user authentication. AuthPoint’s key features include:
- AuthPoint app – Once downloaded and activated on a user’s smartphone, WatchGuard’s AuthPoint app enables users to view and manage any login attempts – by way of push notifications, one-time passwords or QR code entries for those in offline scenarios. Additionally, the app is equipped to store third-party authenticators such as Google Authenticator, Facebook access, Dropbox and more
- Mobile device DNA – WatchGuard uses an innovative approach to user authentication called mobile device DNA that distinguishes cloned login attempts from legitimate ones. The AuthPoint app creates personalised ‘DNA’ signatures for users’ devices and adds them to the authentication calculation. The result is that authentication messages not originating from a legitimate user’s phone will be rejected
- Cloud-based management – As a cloud-based solution, the AuthPoint service comes with a convenient, intuitive interface for businesses to view reports and alerts, and configure and manage deployments. Enabled from the cloud, AuthPoint requires no on-premises equipment, which cuts down on costly deployment and management activities.
- Third-party integrations – WatchGuard’s ecosystem includes dozens of third party integrations with AuthPoint. This allows companies to mandate that users undergo the authentication process before accessing sensitive cloud applications, VPNs and networks. Moreover, AuthPoint supports the SAML standard, allowing users to log on once to access a full range of applications and services
“With the launch of AuthPoint, WatchGuard has smartly extended its product portfolio with a vital security offering that is often overlooked by SMBs and done so in a channel-friendly way that is easy to sell, deploy and manage,” said Greg Shanton, Vice President of CyberSecurity at Neovera. “AuthPoint’s cloud-based architecture means we can easily onboard new customers, allocate licenses, segment permissions, and report on their activity from a single, easy-to-use interface. It’s evident throughout the entire experience that AuthPoint was built keeping both the success of its channel partners, and the security of our mutual customers in mind.”
Key survey findings:
Password security is still a major issue among companies with less than 1,000 employees:
- Although most IT managers surveyed claim they provide some password training or policies to employees, 47% believe that employees still use weak passwords, 31% believe employees use network passwords for personal applications and 30% believe that employees share passwords
- A total of 84% of surveyed IT managers would prefer to have technology solutions in place to enforce password best practices, rather than relying on password policies and training
- Nearly half of surveyed IT managers (47%) suspect that their employees use simple or weak passwords, while only 18% believe employees don’t engage in any risky information security behaviours
These companies need an intuitive, cost-effective MFA solution:
- Just over 61% of IT managers at companies with less than 1,000 employees believe MFA services are designed for companies larger than theirs
- Of companies that don’t currently use an MFA solution, their top reasons for not purchasing one are that MFA would be difficult to implement, maintain and support, and that it would be too expensive. Inter-organisational resistance to an MFA deployment was also a common concern
- A total of 47% of companies currently using an MFA solution have implemented a version of SMS authentication methods, which are insecure and can be spoofed by a determined attacker. Also, 38% of companies using an MFA solution have hardware tokens, which are hard to manage, and can be lost or stolen