ManageEngine has announced the launch of its passwordless, phishing resistant FIDO2 authentication for enterprise applications
June 2024 by Marc Jacob
ManageEngine cements its stance in identity-first security with the launch of passwordless, phishing-resistant FIDO2 authentication for enterprise applications in
ADSelfService Plus, its on-premises identity security solution, and endpoint MFA for Windows machines and elevated system actions in Identity360, its cloud-native identity management platform.
Identity-First Security: A Significant Stride Towards Zero Trust
Attackers are ever striving to breach authentication mechanisms by stealing and misusing identities, predominantly via phishing attacks. Egress’
2024 Email Security Risk Report states that 79% of account takeover (ATO) attacks start with phishing. Unlike other cyberthreats, phishing directly targets unsuspecting end users who often become victims of the attack. Deploying phishing-resistant authentication
barricades such attacks, propelling organizations towards an enhanced Zero Trust security environment.
Strong identity management is fundamental in achieving identity-first security, requiring a tactical reallocation of investments in identity and access management (IAM) strategies. "Identity-first security helps enterprises establish enhanced trust and control
over their network. ManageEngine aims to fill the gaps of the legacy network-based security approach and, more importantly, help organizations align with the principles of Zero Trust through its solutions," Thangaraj said.
ManageEngine Attains New Milestones in Identity-First Security
Enterprises with a decentralized digital architecture must ensure that identity-first security measures are deployed throughout the entire distributed network, i.e., access to all the endpoints in the network must be protected with MFA. ManageEngine Identity360’s
MFA for endpoints secures end users’ machines, servers, workstations, and critical system actions performed using privileged user accounts.
Identity-first security does not end with securing all endpoints with MFA. It is vital to employ high-assurance MFA methods that are capable of resisting evolving cyberthreats. ManageEngine ADSelfService Plus’ FIDO2 authentication boosts identity security by
resisting phishing and replay attacks, while improving users’ authentication experiences with passwordless methods. "FIDO2 authentication helps companies strengthen their grip on identity-first security. It is a secure, user-friendly, and cost-effective authentication
mechanism helping organizations resist phishing attacks and achieve regulatory compliance," Thangaraj said.
Alongside authentication, access provisioning is also important in ensuring that an organization’s workforce has seamless access to necessary resources. ManageEngine, with its recent launch of
just-in-time (JIT) user provisioning in ADSelfService Plus, automates user account creation across various enterprise applications, reducing the burdens of IT administrators and providing prompt, hassle-free access for end users.
ManageEngine’s Identity-First Security Facilitates Regulatory Compliance
Implementing ManageEngine’s phishing-resistant FIDO2 authentication and securing endpoints in the network with recognized MFA techniques make organizations compliant with regulatory standards such as the
GDPR, the
NIST Cybersecurity Framework, the
PCI DSS, the
CCPA and the
. In addition to meeting regulatory requirements, the adoption of identity-first security insurance in a fiercely competitive market.