Story image

WatchGuard launches multi-factor authentication solution aimed at SMBs

14 Sep 2018

Network security solutions company WatchGuard Technologies has unveiled AuthPoint, a cloud-based multi-factor authentication (MFA) solution designed for small-to-medium businesses (SMBs).

The product is meant to make MFA accessible for SMBs who traditionally have been barred to it due to cost, complexity and management issues.

According to a new survey of IT managers and professionals conducted by independent market research firm CITE Research, 61% of respondents from companies with under 1,000 employees believe MFA services are reserved for large enterprises.

WatchGuard’s AuthPoint addresses these authentication concerns by eliminating the complex integration processes, considerable upfront expenses, and burdensome on-premises management requirements.  “We know that a large portion of data breaches involve lost credentials, and since cyber criminals target organisations of any size, MFA is now a prerequisite for all businesses,” says WatchGuard authentication director Alex Cagnoni.

“In the absence of MFA, cyber criminals can utilise a variety of techniques to acquire usernames and passwords, such as spear phishing, social engineering, and buying stolen credentials on the dark web, to gain network access and then steal valuable company and customer data.

“With AuthPoint, we’re breaking down barriers between SMBs and MFA adoption with a solution that is affordable, easy to deploy, and scalable.” WatchGuard’s AuthPoint solution is a cloud service that can be deployed and managed from any location without the need for expensive hardware components.

The service relies on WatchGuard’s AuthPoint app to facilitate user authentication.                      

AuthPoint’s features include: 

  • AuthPoint App – Once downloaded and activated on a user’s smartphone, WatchGuard’s AuthPoint app enables users to view and manage any login attempts – by way of push notifications, one-time passwords or QR code entries for those in offline scenarios. Additionally, the app is equipped to store third-party authenticators such as Google Authenticator, Facebook access, Dropbox, and more. 
  • Mobile Device DNA – WatchGuard uses an innovative approach to user authentication called Mobile Device DNA that distinguishes cloned login attempts from legitimate ones. The AuthPoint app creates personalised “DNA” signatures for users’ devices and adds them to the authentication calculation. The result is that authentication messages not originating from a legitimate user’s phone will be rejected. 
  • Cloud-based management –  As a cloud-based solution, the AuthPoint service comes with an intuitive interface for businesses to view reports and alerts, and configure and manage deployments. Enabled from the cloud, AuthPoint requires no on-premises equipment, which cuts down on costly deployment and management activities. 
  • Third-party integrations – WatchGuard’s ecosystem includes dozens of third-party integrations with AuthPoint. This allows companies to mandate that users undergo the authentication process before accessing sensitive cloud applications, VPNs and networks. Moreover, AuthPoint supports the SAML standard, allowing users to log on once to access a full range of applications and services. 
Veeam releases v3 of its MS Office backup solution
One of Veeam’s most popular solutions, Backup for Office 365, has been upgraded again with greater speed, security and analytics.
Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach
Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Princeton study wants to know if you have a smart home - or a spy home
The IoT research team at Princeton University wants to know how your IoT devices send and receive data not only to each other, but also to any other third parties that may be involved.
Organisations not testing incident response plans – IBM Security
Failure to test can leave organisations less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.