The coronavirus pandemic that has swept the planet has led to a lot of businesses adopting, or considering, a “work from home” policy to ensure business continuity and the safety of staff.
As a result, many more people than before are logging into business resources from external networks.
Understandably, this is placing strain on network resources like VPNs and Multi-Factor Authentication (MFA) infrastructure. These access points are now being used by the entire workforce to reach the corporate network, rather than just a handful of employees.
And since remote workers also require stronger authentication than those working on-premise, a simple username and password entered over a VPN is just not secure enough. A smart and secure work from home policy thus demands Multi-Factor Authentication.
But the spike in demand can potentially be too much for some organisations whose MFA infrastructure isn’t ready for the load.
Earlier this week Forrester Research’s Sean Ryan wrote that “A critical piece of any MFA platform service is a high-availability configuration to ensure that authentication requests are processed if the infrastructure fails or parts of the network are overloaded.”
He also included some tips on how to address the issue.
What to do?
The first thing Ryan suggests is that businesses to talk to their MFA hardware vendor. Establish whether or not high availability of MFA functionality is part of their service offering. If it’s not, that’s a good conversation to have.
Should it be in place, but can’t support the number of required people, there are obstacles to overcome.
A potential solution, adding a second MFA vendor into the mix, poses its own challenges. These include procurement, licensing, installation, VPN integration, user provisioning and mobile app setup, and user training, all of which takes time. Not to mention, additional cost.
In light of this, Ryan suggests a more “targeted” approach when it comes to developing an MFA resilience plan.
These four tips can help you do that:
- Check whether you have high MFA availability and that it’s activated and configured correctly.
- Look into differences in your vendor’s cloud MFA options vs their on-premise MFA solutions. Go with whichever solution meets your needs best.
- Put SLAs in place that guarantee uptime. Be sure that they can accommodate extreme scenarios like a pandemic forcing your entire staff complement to work remotely.
- Build MFA redundancies around the resources that would have the biggest impact on your business if they go down.
Juniper Networks offers an extensive range of networking hardware, including products that come with built-in MFA functionality. Please contact our Juniper experts if you wish to chat about your MFA and general networking needs.
You can reach the Juniper team via the Tarsus Distribution switchboard on 011 531 1000. They are also available by email at this address.