MFA for Cloud Services

Cloud services, particularly those that are widely used such as Office 365, SalesForce, Zoom and Box etc, are constantly targeted by attackers such as phishers, hackers, intruders, and other adversaries. Therefore, you must secure your cloud services with multi-factor authentication to ensure that only trusted users and/or trusted devices can access their service accounts.

Some cloud services have an internal MFA function, but many organizations have chosen to use DualShield MFA to protect their cloud services instead, as DualShield MFA provide a higher level of security, manageability and usability.

Key features:

All major cloud services support SAML authentication protocol, and DualShield MFA Platform has a built-in SAML IdP server. Therefore, DualShield MFA can be easily and seamlessly integrated with any cloud service that supports SAML, acting as the Identity Provider (IdP) for the cloud service, as well as providing multi-factor authentication (MFA) and single sign-on (SSO) functions

Having separate application & authentication vendors increases the level of security. Cybercriminals often target large cloud vendors to get access to multiple customers, and you could simply be an innocent casualty even if you were not targeted. If your application vendor is compromised then you want to ensure that your authentication vendor is not.

Users’ identities and their credentials must be kept in the most secure places. You might not want to place the database of your users’ identities & credentials in the hand of a 3rd-party cloud vendor, you want to have the total control of your own data. That’s exactly what DualShield MFA can provide to you – keeping your user database on premises or in your own private cloud.

DualShield MFA is an independent, on-premises or private cloud hosted MFA and SSO server. If you have both cloud and on-premises applications (e.g. VPN and RDP), or several cloud applications from different vendors (e.g. Zoom and Box), then DualShield is the ideal solution – it is a single, unified platform that can secure all of your applications with MFA, and provide SSO across all of your applications.

DualShield MFA provides a set of authentication and access control policies that enable granular administrative access control down to a user, machine, group or unit. For instance, in a circumstance where a user or machine needs to be exempted from two-factor authentication, the network administrator can put the user or machine in the exception list.

DualShield MFA supports an array of two-factor authentication methods for website logon, including:

  • On-Demand Password
    (code by sms, email and call)
  • One-Time Password
    (hardware token & software app)
  • Security Questions
  • Out-of-Band Authentication
    (mobile push authentication)
  • FIDO USB Key
  • Grid Card
  • Device Fingerprint
  • Keystroke Dynamics
  • Face Recognition