Multi-factor authentication CMMC

How to Choose an Enterprise Grade Multi-factor Authentication (MFA) Solution

Knowing how to choose the right multi-factor authentication (MFA) solution to meet your company's compliance and security needs can save you a lot of time down the road.

Join our newsletter:

What is Multi-factor Authentication (MFA)?

Business Impact Analysis Team
Multi-factor authentication definition: authentication using two or more different factors to achieve authentication. Factors include: (i) something you know (e.g., password/PIN); (ii) something you have (e.g., cryptographic identification device, token); or (iii) something you are (e.g., biometric).

Multi-factor Authentication Buyer’s Checklist

Before purchasing a multi-factor authentication solution for your company as yourself these questions:
  • Does it provide multi-factor authentication for VPN connections?
  • Does it provide MFA for local accounts? For example a local admin account on a PC.
  • Does it support Windows, Mac, & Linux?
  • Does it provide MFA for cloud applications? For example Office 365, G-Suite, SalesForce and other cloud services.
  • Is support readily available?
  • Is it easy to deploy to your systems?
If you are evaluating a multi-factor authentication solution and the answer is yes for the above questions then you have a winner and can feel comfortable purchasing the solution.

Which Multi-Factor Authentication Solution Should I Use?

In my experience SAASPASS is an excellent multi-factor authentication solution. It is used by the likes of NASA, Boeing, VISA, and the state of Texas. SAASPASS meets all of the criteria I mentioned above. If you would like to get setup with SAASPASS send us an email at info@lakeridge.us as we can provide you with a discount at purchase.

Cybersecurity Maturity Model Certification (CMMC) Multi-Factor Authentication (MFA) Requirements

Contractors with a CMMC requirement of level two or higher will need to implement multifactor authentication in their environment.
CMMC Requirement MA.2.113: Require multi factor authentication to establish nonlocal maintenance sessions via external network connections and terminate such connections when nonlocal maintenance is complete (Applies to CMMC level two or higher).
CMMC Requirement IA.3.083: Use multi-factor authentication for local and network access to privileged accounts and for network access to non privileged accounts (Applies to CMMC level three or higher).

How to Meet CMMC Multi-factor Authentication Requirements

Protect your resources in the Cloud. How SAASPASS achieves this: Using SAML, SAASPASS can be quickly configured to provide multifactor authentication for your VPN connections. SAASPASS also integrates with common VPN clients including Cisco Meraki.
Protect your workstations. How SAASPASS achieves this: SAASPASS provides multi factor authentication for both Windows (7, 8, 8.1, 10, Server 2008, and Windows 10) and Mac.
Protect local and network access to accounts. How SAASPASS achieves this: SAASPASS provides multi-factor authentication for both local accounts (e.g. a local user account on a Windows system) and network accounts such as an Active Directory account.
 

Quick & Simple

Discover Our Cybersecurity Compliance Solutions:

Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you

 NIST SP 800-171 & CMMC Compliance App

NIST SP 800-171 & CMMC Compliance

Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
 HIPAA Compliance App

HIPAA Compliance

Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
 FAR 52.204-21 Compliance App

FAR 52.204-21 Compliance

Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
 ISO 27001 Compliance App

ISO 27001 Compliance

Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.