By WatchGuard Technologies Director of Product Management Himanshu Verma
The need to protect employee, partner and customer identities is universal, resulting in a sizeable and growing market opportunity for multi-factor authentication (MFA) solutions and services from VARs and MSSPs. In fact, according to recent research, the market is expected to grow nearly 23 percent over the next three years. As organizations of all sizes, and especially SMBs, look to trusted advisers for help, partners need to be prepared to meet these rising security demands. This means not only ensuring they can provide essential protection for user identities, but that they can do so without adding complexity and cost to their service portfolio – or creating a difficult user experience. Cloud-based MFA is well-positioned to meet the security needs of the customer, while also presenting VARs and MSSPs with an opportunity for easy, scalable and profitable sales.
By incorporating cloud-based MFA services, solution providers can:
1. Eliminate the #1 Security Vulnerability Leveraged by Hackers
According to the latest Verizon Data Breach Investigations Report, stolen credentials are a top contributing factor to the vast majority of corporate breaches. And this isn’t just an issue for large enterprises. Weak and stolen passwords are a serious concern for the SMB market as well, with 58 percent of breach victims being small businesses. What’s usually overlooked is that a vulnerable SMB that is part of a larger enterprise’s business operations can exponentially increase the cost and impact of the breach (consider the Target breach as an example). Most advanced ransomware, and other advanced attacks that are known to put SMBs out of business, originate from stolen credentials. Adding MFA enables partners to address the need for security where it matters the most and have an immediate return on investment, by enabling customer’s adherence to several mandatory compliance and regulatory needs (such as PCI-DSS, HIPAA, CJIS, EPCS, etc.).
2. Reduce Administrative Cost and Complexity
Most cloud-based MFA solutions require little to no upfront investment for deployment, management, and reporting infrastructure. This makes them scalable and always available, while also improving the service’s performance. With cloud-based MFA, the management process can be so streamlined that end users without security staff can administer their own solutions if they’re not already working with a solution provider to do it for them. Cloud-based MFA can simplify a previously complex service without the use of expensive hardware, allowing VARS and MSSPs to offer MFA without the need to increase their staff and keep their costs in check in regard to technical support and helpdesk services.
3. Ensure a Smooth Customer/End-user Experience
Cloud-based MFA solutions offer ease of provisioning when it comes to end-user interaction. Another advantage is the flexibility and focus on modern smart phone-based authentication methods for the end user that highly improves the user experience, and can also easily incorporate built-in device security measures such as biometrics associated with MFA. Cloud solutions offer useful features that incorporate geolocation, contextual awareness, and support for trends such as bring your own device (BYOD) to ensure end users have the flexibility and choice based on the assurance level required.
4. Facilitate and Capitalize on Heightened Scalability
Cloud-based MFA solutions enable both scalable management and interoperability with applications. Whether it’s integrated with other cloud-based SaaS applications, or web-based applications that users authenticate to, cloud-based MFA solutions require zero footprint and management to protect these applications. The protection can also easily scale to traditional on-premise applications for local and remote access using lightweight authentication agents. This allows open integration with a wide range of applications such as SaaS or cloud-based applications that use modern authentication techniques like SAML, and support for traditional authentication protocols like RADIUS. The key is to ensure that the solution uses standards-based implementations of authentication without compromising security and privacy. All of this adds up to new opportunities for solution providers to easily scale and adjust their services as customers grow and change over time.
5. Tap Into an Easy Upsell/Add-on to Existing Applications or Security Bundles
As the MFA market continues to grow, partners need to be prepared to add MFA to their service portfolio. The ecosystem of technology integrations for MFA offers an easy upsell opportunity to solutions such as enterprise directory services, remote access VPN or virtual infrastructure, various web and cloud applications, and identity management solutions. Most VARs and MSSPs already offer these services to customers, so adding a packaged layer of security for applications that interface with user identities is an easy service line addition to any VAR or MSSP’s recurring revenue stream.
The Keys to Assessing MFA Solutions
There are plenty of MFA solutions in the market, but the key is to evaluate and rank them against the three main criteria of Total Cost of Ownership (TCO), security, and user experience. Let’s examine the role each of these elements play in selecting an MFA solution.
When it comes to TCO, channel enablement features cannot be overlooked. Customer onboarding is critical, as is the ability to keep customer data and configurations separated and to do so while maintaining visibility and control. Solutions that provide simultaneous access to both the managed service provider and the end-customer’s IT operator enable better accountability. It’s also important to vet MFA solutions for their ability to automate deployment, provisioning and de-provisioning, without the need to duplicate identity stores and offer out-of-box self-service and helpdesk features for the end-user. User identities are the most widely used entity within an enterprise IT ecosystem, so it’s key that users can benefit from added security without compromising their user experience. Solutions that combine MFA with single sign-on help add security and reduce identity proliferation for an enhanced user experience.
Other MFA evaluation criteria that VARs and MSSPs should keep an eye out for include the breadth of the technology ecosystem, the quality of service level agreements for the cloud service and the flexibility of pricing models involved. Cloud-based MFA services make perfect sense for most solution providers, but not all MFA is created equal. Keep these key considerations in mind as you contemplate adding MFA to your portfolio.