Twenty percent of IT enterprises experienced a breach due to a remote worker during the pandemic, says a report by Malwarebytes Labs.
Choosing to let employees work remotely comes with pros and cons—the cons primarily being unanticipated security vulnerabilities. These vulnerabilities are more likely to occur because of employee ignorance, rather than a network or system malfunction. But remote workers aren’t usually thinking, “I am a crucial link in my organization’s security chain; am I doing my part right?”
“Given the choice between dancing pigs and security, users will pick dancing pigs every time.” —Edward Felten, professor and director of Center for Information Technology Policy, Princeton University
As an admin, how can you keep your company cybersecure? You might say, “We have secured all user identities with MFA. Our employees must verify with multiple authenticators before they can even access their work machine.” That is a smart move. Like many companies, you have gone the extra mile to address and extinguish the possibility of identity theft. But throw offline users into the mix, and there may be vulnerabilities you haven’t accounted for.
Are your security measures mindful of offline remote employees?
Compared to in-office employees, remote employees find themselves offline more frequently. That is, they might be disconnected from the MFA server or the corporate network due to hiccups in connectivity. So, what happens to MFA when a remote user is offline? It would be unthinkable to bypass MFA or block machine access for them and still guarantee security and productivity. Luckily, there is a way to perform MFA even when your remote workers are offline.
Ensuring security for your offline remote workforce
ManageEngine ADSelfService Plus offers offline MFA, which allows users to perform MFA for machine logins, even when they are not connected to the MFA server or the corporate network. Admins can configure one or more MFA authenticators for users to verify their identities with. Users must pre-enroll in these authenticators when they are online to be able to perform offline MFA.
Click here to learn more about how ADSelfService Plus’ offline MFA works and why it’s the ideal choice for your organization.
Download a 30-day, free trial to try ADSelfService Plus for yourself. To discover more about ADSelfService Plus’ identity security capabilities, schedule a free, personalized demo today with a product expert.