ManageEngine, the enterprise IT management division of Zoho Corporation, announced its identity security solution, ADSelfService Plus, now offers offline MFA for Windows. The new feature allows organizations to secure their data with authentication methods that prevent unsecured access to remote machines even when they are disconnected from the internet or when the authentication server is inaccessible.
Offline MFA improves the security posture of organizations by allowing users to access their machines only after confirming their identity using MFA, even if they are not connected to the internet, says ManageEngine.
ADSelfService Plus’ Offline MFA
While security measures like MFA can help secure endpoints and data, they may not be usable when the authentication server is offline or inaccessible, leaving organizations vulnerable to attacks. Furthermore, once a compromised machine regains access to the server, attackers could move laterally through the network and access other sensitive data, posing a significant threat to the entire organization. This is where offline MFA plays a crucial role in hardening endpoint security as well as network security.
“Remote and hybrid work models introduce new attack surfaces, are susceptible to modern attack strategies, and need to be secured using modern security measures,” said Parthiban Paramasivam, director of product management, ADSelfService Plus, in a statement.
“ADSelfService Plus enables remote work by ensuring authorized, secure access to the enterprise network, resources, and the data held in them. Its offline MFA feature mandates identity verification beyond a mere password and expands the security perimeter to physical devices that may be accessed offline, such as the laptop of a senior executive who is on the road or an engineer at a remote client site,” Paramasivam said.
Complying with Regulations
ADSelfService Plus also helps meet compliance requirements for various industries across defense, medical and financial sectors, says the company. Regulations such as HIPAA, the PCI DSS, and the GDPR recommend or mandate the use of MFA for access to sensitive data. With ADSelfService Plus’ offline MFA, organizations can meet the authentication and security requirements of these regulations while empowering their end users to securely work from anywhere.
ADSelfService Plus supports offline MFA for Windows logons, RDP logons, and User Account Control logons. The supported authenticators are Google Authenticator, Microsoft Authenticator, Zoho OneAuth TOTP Authenticator and custom TOTP authenticators, including hardware tokens.
Pricing & Availability
Offline MFA is available immediately in the latest edition of ADSelfService Plus as part of the Endpoint MFA add-on for its Standard and Professional editions. Pricing for the Endpoint MFA add-on of ADSelfService Plus starts at $395 annually for 500 users.
Pricing for the Standard and Professional editions starts at $595 and $1,195, respectively. ADSelfService Plus also offers a free edition for up to 50 users. A fully functional, 30-day trial version is available for download.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!”
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!