每个关心用户安全的Web 服务都喜欢多因素身份验证。(web service)也称为双因素身份验证(two-factor authentication),它要求用户通过两条独立的信息来验证自己的身份:你知道的东西和你拥有的东西。进行身份验证时,用户使用的是密码或PIN码等传统安全工具,但他们还必须通过点击推送通知或输入通过(PIN)SMS 接收或由(SMS)身份验证应用程序(authentication app)显示的一次性代码来确认自己的身份在他们的智能手机上。但是,您如何在公司的设备上实施多因素身份验证,以确保您的员工帐户不会轻易被入侵?著名的计算机安全公司(computer security company)ESET提供了一种有效的解决方案。他们对这个问题的解决方案称为ESET Secure Authentication,在本文中,将向您展示它可以做什么:
1.Windows登录保护
ESET Secure Authentication可为登录其(ESET Secure Authentication)Windows计算机或设备的用户提供多重身份验证。可以在Windows 锁定(Windows lock)屏幕和用户帐户控制(User Account Control)提示上启用双因素身份验证,甚至可以对安全模式(Mode)强制执行。
即使知道您员工的用户名和密码,黑客也无法绕过ESET Secure Authentication提供的多重身份验证。为此,攻击者还需要访问员工的智能手机。否则,他们将不知道ESET Secure Authentication(ESET Secure Authentication)提供的一次性代码。
我们相信ESET Secure Authentication与ESET EndPoint Encryption ( DESlock+ ) 等业务加密解决方案相结合,可以使您公司的计算机和设备非常安全。
2.远程桌面保护
ESET Secure Authentication提供对远程桌面(Remote Desktop)会话的支持。这意味着您可以使用它为需要远程桌面(Remote Desktop)访问其计算机的用户实施多因素身份验证。远程桌面(Remote Desktop)的登录过程(login process)正常工作,但一旦用户登录,ESET Secure Authentication会要求他或她输入正确的一次性PIN 码(PIN code)。
除非用户可以正确输入一次性PIN 码(PIN code),否则他们无法使用您公司的计算机与远程桌面(Remote Desktop)。
3. Web 应用程序保护
ESET Secure Authentication还为许多Microsoft应用程序提供多因素身份验证支持。(multi-factor authentication support)它支持以下内容:
- Microsoft Exchange 2007:Outlook Web Access - Exchange 客户端访问服务器(Exchange Client Access Server)( CAS )
- Microsoft Exchange 2010:Outlook Web Access - Exchange 客户端访问服务器(Exchange Client Access Server)( CAS ) 和Exchange 控制面板(Exchange Control Panel)
- Microsoft Exchange 2013:Outlook Web App - Exchange 邮箱服务器角色(Exchange Mailbox Server Role)( MBX ) 和Exchange 管理中心(Exchange Admin Center)
- Microsoft Exchange 2016:Outlook Web App - Exchange 邮箱服务器角色(Exchange Mailbox Server Role)( MBX ) 和Exchange 管理中心(Exchange Admin Center)
- Microsoft Dynamics CRM版本 2011、2013、2015 和 2016
- Microsoft SharePoint版本 2010、2013 和 2016
- Microsoft SharePoint Foundation版本 2010 和 2013
- Microsoft 远程桌面 Web 访问
- Microsoft 终端(Microsoft Terminal) 服务(Services) Web 访问(Web Access)
- 微软远程 Web 访问
安装ESET 安全身份验证(ESET Secure Authentication)后,用户尝试连接到贵公司使用的 Web 应用程序,输入用户名和密码(username and password)后,他或她应该会看到多重身份验证网页(authentication webpage)。除非用户输入正确的一次性密码(one-time password),否则他或她无法登录。
如果用户还在他或她的智能手机上安装了ESET Secure Authentication应用程序,他或她可以使用智能手机批准登录。
4.VPN保护
ESET Secure Authentication包括一个独立的RADIUS 服务器(RADIUS server),您可以使用它来验证VPN连接。为VPN配置ESET Secure Authentication时,登录过程与以前相同,但用户输入用户名和密码后,还必须提供双向验证PIN 码(PIN code)。ESET Secure Authentication可与以下VPN、防火墙和 UTM 端点集成:梭子鱼(Barracuda)、Check Point Software、Cisco ASA IPsec、Cisco ASA SSL、Citrix Access Gateway, Citrix Netscaler , Cyber oam(Cyberoam) , F5 Firepass , Fortinet Fortigate , Juniper , Juniper ( Access-Challenge ), Microsoft RRAS , Microsoft RRAS with NPS , Microsoft Forefront Threat Management Gateway , Netasq , OpenVPN Access Server , Palo Alto , Sonicwall。它还适用于云和 VDI 端点(cloud and VDI endpoints):VMWare Horizon View 和 Citrix XenApp 服务器(VMWare Horizon View and Citrix XenApp server)。
5. 易于在业务环境中安装和部署(business environment)
ESET Secure Authentication的一大优势是易于安装和使用。您可以通过其Web 控制台(web console)提供的界面将其用作独立的解决方案(standalone solution),也可以将其与Active Directory集成。
6、用户安装使用方便
ESET Secure Authentication为用户提供了一个易于使用的解决方案。他们只需要在他们的安卓(Android)智能手机 i Phones或Windows Phones上安装同名的应用程序。此外,您不必向他们提供硬件令牌或任何其他设备。一旦他们拥有了应用程序,他们需要做的就是批准他们收到的推送通知或使用来自应用程序的一次性代码。
7.通用数据保护条例(General Data Protection Regulation)( GDPR ) 合规性
欧盟已通过严格的个人数据保护规则执行其通用数据保护条例 (GDPR) (General Data Protection Regulation (GDPR))。(European Union)因此,每个公司都应该拥有并使用像ESET Secure Authentication这样的工具。这是确保员工数据安全且破坏公司数据并非易事的最佳方法之一。多因素身份验证是当今(way today)最大程度降低与密码被盗、弱密码或泄露密码相关的风险的好方法。
您对ESET 安全身份验证(ESET Secure Authentication)有何看法?
如您所见,ESET Secure Authentication提供了一种为业务环境实施多因素身份验证的简单方法。这可以帮助您避免数据泄露并提高公司的整体安全性。你同意我们的观点吗?我们很乐意在下面的评论部分听到您对ESET Secure Authentication的意见。
7 things you can do with ESET Secure Authentication
Every web service that cares about user security loves multi-factor authеntіcation. Also known as two-factor authenticatiоn, it requires users to verify their identity through two independent pieces of information: something you know and something you have. When authenticating, users are using traditional security tools like passwords or PIN codes, but they also have to confirm their identity by tapping on a push notificаtion or by еntering a one-time code reсeived via SMS or displayed by an authentication аpp on their smаrtphones. However, how do you implement multi-factоr authentication on your сompаny's devices to make sure that your employees' accounts are not eаsily breaсhed? One efficient solution is offered by ESET - a renowned computer seсurity company. Their solution to this problem is called ESET Secure Authentication and, in this article, are going to show you what it can do:
1. Windows Login Protection
ESET Secure Authentication can provide multi-factor authentication for users who log in to their Windows computers or devices. Two-factor authentication can be enabled on the Windows lock screen and for the User Account Control prompts, and can even be enforced for Safe Mode.
The multi-factor authentication provided by ESET Secure Authentication cannot be bypassed by hackers even if they know the usernames and passwords of your employees. To do that, attackers would also need to have access to the employees' smartphones. Otherwise, they would not know the one-time codes provided by ESET Secure Authentication.
We believe that ESET Secure Authentication coupled with a business encrypting solution such as ESET EndPoint Encryption (DESlock+), can make your company's computers and devices very secure.
2. Remote Desktop Protection
ESET Secure Authentication offers support for Remote Desktop sessions. That means that you can use it to implement multi-factor authentication for the users who need Remote Desktop to access their computers. The login process for Remote Desktop works normally, but once a user logs in, ESET Secure Authentication asks him or her to enter the correct one-time PIN code.
Unless users can enter the one-time PIN code correctly, they cannot use your company's computers with Remote Desktop.
3. Web Application Protection
ESET Secure Authentication also offers multi-factor authentication support for a lot of Microsoft applications. It supports the following:
- Microsoft Exchange 2007: Outlook Web Access - Exchange Client Access Server (CAS)
- Microsoft Exchange 2010: Outlook Web Access - Exchange Client Access Server (CAS) and Exchange Control Panel
- Microsoft Exchange 2013: Outlook Web App - Exchange Mailbox Server Role (MBX) and Exchange Admin Center
- Microsoft Exchange 2016: Outlook Web App - Exchange Mailbox Server Role (MBX) and Exchange Admin Center
- Microsoft Dynamics CRM versions 2011, 2013, 2015, and 2016
- Microsoft SharePoint versions 2010, 2013, and 2016
- Microsoft SharePoint Foundation versions 2010 and 2013
- Microsoft Remote Desktop Web Access
- Microsoft Terminal Services Web Access
- Microsoft Remote Web Access
When ESET Secure Authentication is installed, and a user tries to connect to a web application that your company uses, after they enter the username and password, he or she should see the multi-factor authentication webpage. Unless the user enters the right one-time password, he or she cannot log in.
If the user also has the ESET Secure Authentication app installed on his or her smartphone, he or she can approve the login using the smartphone.
4. VPN Protection
ESET Secure Authentication includes a standalone RADIUS server that you can use to authenticate VPN connections. When you configure ESET Secure Authentication for VPN, the logging in process goes the same way as before, but after the user enters his/her username and password, he or she must also provide the two-way authentication PIN code. ESET Secure Authentication can be integrated to work with the following VPN, firewall and UTM endpoints: Barracuda, Check Point Software, Cisco ASA IPsec, Cisco ASA SSL, Citrix Access Gateway, Citrix Netscaler, Cyberoam, F5 Firepass, Fortinet Fortigate, Juniper, Juniper (Access-Challenge), Microsoft RRAS, Microsoft RRAS with NPS, Microsoft Forefront Threat Management Gateway, Netasq, OpenVPN Access Server, Palo Alto, Sonicwall. It also works with cloud and VDI endpoints: VMWare Horizon View and Citrix XenApp server.
5. Easy to install and deploy in a business environment
ESET Secure Authentication has the big advantage of being easy to install and use. You can use it as a standalone solution through the interface offered by its web console, and you can also integrate it with Active Directory.
6. Easy to install and use by users
ESET Secure Authentication provides an easy to use solution for users. They only need to install the app bearing the same name on their Android smartphones, iPhones or Windows Phones. Furthermore, you do not have to provide them with hardware tokens or any other devices. Once they have the app, all they need to do to authenticate is to approve the push notifications they receive or use the one-time codes from the app.
7. General Data Protection Regulation (GDPR) compliance
The European Union has enforced its General Data Protection Regulation (GDPR) with strict rules for protecting personal data. Thus, every company should have and use a tool like ESET Secure Authentication. It is one of the best ways to make sure that the data of your employees is secure and breaching your company data is not easy. The multi-factor authentication is a great way today to minimize the risks associated with stolen, weak, or compromised passwords.
What is your opinion about ESET Secure Authentication?
As you have seen, ESET Secure Authentication offers an easy way to implement multi-factor authentication for business environments. This can help you avoid data breaches and improve overall security in your company. Do you agree with us? We would love to hear your opinions about ESET Secure Authentication, in the comments section below.
