Multi-factor authentication (MFA), also known as two-factor authentication (2FA), is a security method that requires users to provide two or more different types of identification before gaining access to a system, application, or account. It adds an extra layer of security beyond the traditional single-factor authentication, which typically relies on just a username and password.
Requiring a second element beyond the password for login can prevent a significant number of attacks. If an attacker were to gain access to an account password, they would be unable to gain access without the second factor. Many applications (Google, Apple, Microsoft, AWS, etc.) now suggest or even require the use of MFA to protect user account information and minimize the risk of cyberattacks. But did you know that NetApp and Rubrik, two valued Tego partners, also require MFA to protect the data within your organization?
NetApp has long supported pre-shared SSH key MFA and as of ONTAP 9.13 which is now generally available. NetApp ONTAP 9.3 SSH MFA allows user-by-user incremental implementation. The end goal of an MFA deployment is for all administrative users to use login credentials with strong multifactor authentication.
In addition to having MFA login credentials for all users, each administrator’s mode of access should use MFA. For ONTAP, this implies SSH CLI and SAML for System Manager HTTP access. In addition, there is also support for built-in TOTP.
Rubrik offers “on-box TOTP (Timed One Time Password) MFA” which means they have a simple-to-implement built-in MFA option that depends on a smartphone app like Google Authenticator or Twilio Authy for the second factor. It also integrates SAML-compliant third-party identity providers like OKTA. Rubrik requires and enforces the use of MFA for all logins, even local logins, including utilizing included time-based one-time passwords (TOTP).
Implementing MFA can drastically reduce your risk of an attack. More importantly, conducting periodic security awareness training with your employees can help build a culture of security and empower your team to improve the organization’s security posture.
Contact us today for more information on MFA solutions or how to implement MFA with NetApp and Rubrik.