In today’s business environment, passwords are not enough to keep our electronic world safe, and MSPs have to reckon with that fact. Even if your users have the best passwords on earth, the ubiquity of data breaches and phishing attacks make even the most advanced keys useless.
You’re likely already implementing additional security measures with your customers, like rolling out multi-factor authentication (MFA) to protect the identities that hold the keys to your various kingdoms.
Requiring MFA to access web-based resources is commonplace, but protecting endpoints like laptops or desktops is not. MSPs focus heavily on preventing malicious software from attacking data with state-of-the-art monitoring and protection tools. But that same data can often be accessed by entering a password – and that password is likely to be less complex, since users have to enter it multiple times a day.
For Windows laptops, many IT admins have turned to AzureAD for MFA, but Macs aren’t typically candidates for this. Fortunately, ̽»¨´óÉñ has made it easy for you to add MFA security for your Mac and Linux devices – in addition to Windows.
Setting Up Mac MFA
1. Set up a ̽»¨´óÉñ account for each user and enable MFA
First, make sure that the Mac’s user has a ̽»¨´óÉñ account set up. Then, ensure you’ve selected “Require User MFA.” The user will be prompted to complete the MFA setup via their account’s email. MFA with ̽»¨´óÉñ can be either push-approved via the ̽»¨´óÉñ Protect mobile app, or TOTP with your authenticator app of choice.
2. Configure the Mac device
Now that the user’s account is ready you can configure the device. With ̽»¨´óÉñ, the only setup required on the device itself is the installation of our ̽»¨´óÉñ Agent.
If your Mac is enrolled in MDM with ̽»¨´óÉñ, this is incredibly easy and can be done before the Mac is even removed from its box. If this is a BYOD device or one that has not been purchased via Apple Business Manager related channels, a simple download and install of the ̽»¨´óÉñ Agent locally on the device will do the trick.Â
3. Connect the user to their new device
Once the agent is in place, simply assign the device to the user, and your job is done. When they go to login, they’ll be prompted for their password and MFA.
With ̽»¨´óÉñ, you can achieve a level of security that exponentially reduces the risk of a customer data incident while also providing a richer support experience in a matter of minutes.
Enabling ̽»¨´óÉñ also enables features like self-service password resets, which can dramatically reduce ticket traffic, and SSO, which streamlines and hardens the user experience.
Check out ̽»¨´óÉñ today and discover the many ways you can protect your MSP and the customers you serve! If you’d like to learn more about MFA with ̽»¨´óÉñ for your devices, feel free to reach out to us, or read some of our documentation below.
