Stolen passwords and brute force attacks are some of the common techniques used by the cybercriminals to get into the organization network. Leaving the passwords with the users and assuming everything would be safe is a risky practice. Instead, You need to enforce best practices of password management coupled with a second layer of authentication such as multi factor authentication (MFA). This is exactly what a robust PAM solution can offer.
Provide Additional Layer Of Security With MFA
With Securden Unified PAM, the primary method of authentication still remains to be one of SSO/ Active Directory / LDAP / Azure AD / RADIUS / Smartcard or Securden’s native authentication, whichever is befitting for your organization.
In addition to the above, Securden enforces a second layer of authentication by readily integrating with a wide range of MFA solutions.
Securden supports the following MFA options from the providers to enforce an additional layer of authentication
- Mail OTP - The MFA solution generates* a one-time password to be used as the second authentication factor and sends that to the registered email address of the respective user
- Google/Microsoft/TOTP Authenticator - You can use any Time-based One-Time Password (TOTP) authenticator app on your phones such as Google Authenticator, Microsoft Authenticator, and others
- RADIUS Authentication - You can integrate RADIUS server or any RADIUS-compliant two-factor authentication systems like OneSpan Digipass, RSA SecurID, etc. for the second-factor authentication
- Email to SMS Gateway - if you are already using an Email to SMS gateway software, you can integrate that with Securden to send OTP to users through SMS
- Duo Security - You can leverage the Duo security authentication as the second level of authentication
- YubiKey - Generate one-time passwords with the popular hardware authentication device YubiKey as the medium for the second level of authentication
- Securden also Implicitly supports OAuth/OAuth2 and OpenID through SAML.