ManageEngine has announced that ADSelfService Plus, its integrated Active Directory (AD) self-service password management and single sign-on solution, now offers Endpoint Multi-factor Authentication (MFA) for Linux logins. The new feature supplements Windows and macOS MFA support, making ADSelfService Plus the industry’s first on-premises solution to provide endpoint MFA for all three major operating systems so that IT admins can improve user account security and keep sophisticated cyber threats at bay.
According to the State of Linux report, 90 percent of the public cloud runs on Linux. With stolen credentials ranking among the top data breach vectors, it’s high time that every organization works on its strategy in securing access to endpoints running on Linux. After all, one set of credentials is all a hacker needs to get into an organization’s network and cause havoc. When MFA is implemented organization-wide, the traditional username and password login are supplemented by an additional security measure.
“Linux OS and its distributions don’t provide built-in mechanisms to enforce MFA for GUI logins,” said Parthiban Paramasivam, director of product management, ADSelfService Plus. “With ADSelfService Plus, users will have a seamless login experience irrespective of the platform they use. A Windows user who also has a Linux workstation or a macOS machine will have the same login experience across platforms.”
With ADSelfService Plus’ Endpoint MFA capability, user authentication goes beyond relying on traditional usernames and passwords and verifies identities through stringent authentication techniques. The more authentication techniques supported by the MFA solution, the more freedom admins have. With this in mind, ADSelfService Plus supports a variety of authentication techniques, including SMS-based one-time passwords (OTPs), email-based OTPs, Google Authenticator, DUO Security and RSA SecurID. With ADSelfService Plus, organizations can leverage 14 different authentication techniques to secure access to Linux, Windows and macOS clients in AD environments.
With ADSelfService Plus’ Endpoint MFA enabled, users will have to successfully authenticate themselves twice before they’re allowed to access their workstations or servers. They are authenticated first through their AD domain credentials and next through one of the supported authentication techniques before they can log in to their remote and local Linux, Windows or macOS machine. Admins can enforce MFA for specific users with access to business-critical data based on their domain, OU, or group membership.
Endpoint MFA is available immediately in the latest version of ADSelfService Plus. Pricing for ADSelfService Plus starts at $1,195 annually.