If you’re running the latest version of Trend Micro Deep Security you can now take advantage of a great feature, multi-factor authentication (MFA). This is also known as two factor authentication (2FA).
Why is this a good thing? Well these days it’s rare that a week goes by without us hearing about another company being breached and having their password database dumped on the Internet. There is increasing understanding that more than one authentication factor is required to enhance security.
What sort of factors can we have for MFA? Well usually we consider there to be 3 –
- Something you know – e.g a password
- Something you have – e.g a phone
- Something you are – e.g a retinal scan
The idea of MFA is to combine factors such that the exposure of one does not compromise the protected system.
The first step is to logon to the Deep Security management console and browse to the ‘Users’ menu. This is found under Administration –> User Management.
In my example there are only two users – the default MasterAdmin account and another account named ‘ab’. This is the account I will configure for MFA. To do this we open the ‘Properties’ menu for the account, at the bottom of the pop-up window is a button to enable MFA.
A new wizard window will open, as it states you will need to have an MFA application either on a mobile device or PC. Typically a user will install something like Google Authenticator on their phone. In this way logons require the users password and that they have the mobile phone with it’s code. This is where we get our multiple factors – something we know (the password) and something we have (the phone). In this way a malicious threat actor requires both the password and the phone to gain access to the system.
The first step is to either scan the QR code displayed on the screen with the MFA application or to enter the secret key code manually. Again typically the user will do this via their phones camera through the MFA application.
Once we have the MFA application configured clicking next will present us with a prompt to enter an authentication code from the app. The reason the system asks this is to ensure the MFA app is synchronised correctly and that our code works.
Assuming that everything is synchronised and the code was accepted the wizard will indicate the successful configuration of MFA for this account.
OK so we’ve setup the account, now let’s take a look at the logon prompt for Deep Security. As you can see there is a tick box option to enable the MFA box.
I can then check my MFA app, in this case Google Authenticator for the current code.
Assuming all is good I am granted access. If we take another look at the ‘Users’ menu the system provides a column that shows which users have MFA enabled.
If you want to remove MFA from a user account it’s a simple process of opening that users Properties window and clicking the ‘Disable MFA…’ button.
Hopefully this is useful to you – I think this is a fantastic addition to the Trend Micro Deep Security product, I’m really hopeful they will extend this to other products in the Trend line-up. I would very much like to see other suppliers offer similar native functionality, I dream of the day Microsoft Active Directory and Microsoft operating systems have this as a native feature without requiring third party software and plugins.