Centralized management of multi-factor authentication users, methods, and agents
Multi-Factor Authentication Is Easy with a Powerful Authentication Manager
Compliance and cybersecurity are challenges facing virtually every organization. But meeting these challenges often drains IT resources, cutting into other critical projects. Access Authenticator features an authentication manager that enables IT staff—and end users—to work efficiently.
From user administration to auditing and reporting, this authentication manager delivers the level of control and insight you need. An easy-to-use interface makes quick work of adding and removing users. Advanced security features like encryption ensures data protection and compliance adherence by making all authentication credentials unreadable during transmission and storage. And with a self-service portal, end users are highly self-sufficient, relieving IT from routine software set up.
Visual Displays of Key Metrics
Access Authenticator is administered from the HelpSystems Insite web interface, a single pane of glass for IT management. Intuitive, drag-and-drop dashboards provide a visual display of key metrics for multi-factor authentication, such as:
- Total enabled and disabled users
- Percentage of authentication failures
- Authentication attempts in a given timeframe (with success/failure breakdown)
- Registered users and users who have not yet completed the registration process
- Users that have been inactive for a set number of days
With these dashboards, administrators have a quick and easy way to identify potential security issues before any damage occurs.
And HelpSystem Insite is mobile friendly, which means the authentication manager is accessible to administrators from any device and any location with internet access.
Centralized Administration Increases Efficiency
Central administration makes Access Authenticator easy to deploy and administer, and automated tasks further reduce the burden on IT staff.
User profiles can be imported from the active directory via LDAP, allowing administrators to quickly import existing users into the authentication manager database. This eliminates hours of tedious, manual work. Access Authenticator is also synchronized with the active directory: user profiles that exist in the authentication manager database but not in the active directory are highlighted as candidates for removal.
The administrator can specify whether multi-factor authentication is switched on for users as soon as they are added to the database, or only activated once they’ve completed registration via the self-service portal. This means multi-factor authentication can be enforced straight away, or the administrator can allow users to set themselves up first.
Once a user is added to the authentication manager database, he can be sent an email advising them of this fact along with a link to the self-service portal, where he can complete the registration process. Empowering users to be self-sufficient further reduces Access Authenticator’s administration effort. But if a user is unable to authenticate for some reason, he is still able to access a printed list of one-time passwords from the self-service user portal.
The administrator can even use the authentication manager to disable a user profile without removing it from the database entirely. This is useful when hacking is suspected, as it gives the administrator time to investigate the incident without permanently removing the affected profile and configuration.
The authentication manager is also where administrators configure the software so that it suits their requirements. This includes activating and deactivating authentication for users or groups, setting values for features like automatic user lockout, and defining which authentication methods are available to users.
Secure Self-Service Portal Makes Life Easier for Users and IT
Administrators can choose to allow users to complete the registration process through the intuitive self-service portal, minimizing the burden on the IT staff. The portal is also where users manage their account options and authentication credentials without the need to call the help desk.
Through the self-service portal, users can activate the Access Authenticator mobile app and register new mobile devices as well as remove old ones. Users can set preferences, such as default authentication methods.
The self-service portal is also used to maintain the seed used for one-time password generation and sync the user’s mobile app with the authentication manager.
Comprehensive Auditing and Reporting
More and more cybersecurity mandates require multi-factor authentication, and proving your organization is in compliance is critical. The authentication manager makes it easy for administrators to audit and report on several metrics, including:
- Authentication attempts
- User maintenance activity, such as user registrations, mobile registrations, and one-time password seed updates
- User information, such as users who haven’t completed registration and disabled users
From the authentication manager, administrators can enable and disable all types of auditing and determine how long data is retained by the organization.