ManageEngine Launches Passwordless, Phishing-Resistant FIDO2 Authentication

ManageEngine today cements its stance in identity-first security with the launch of passwordless, phishing-resistant FIDO2 authentication for enterprise applications in ADSelfService Plus, its on-premises identity security solution, and the launch of endpoint MFA for Windows machines and elevated system actions in Identity360, its cloud-native identity management platform.

Identity-First Security: A Significant Stride Towards Zero Trust
Attackers are ever striving to breach authentication mechanisms by stealing and misusing identities, predominantly via phishing attacks. Egress’ 2024 Email Security Risk Report states that 79% of account takeover (ATO) attacks start with phishing. Unlike other cyberthreats, phishing directly targets unsuspecting end users who often become victims of the attack. Deploying phishing-resistant authentication barricades such attacks, propelling organizations towards an enhanced Zero Trust security environment.

“As the digital infrastructure of enterprises is expanding due to widespread adoption of cloud services and remote work, network attack surfaces are also correspondingly increasing. Security teams, knowing that this exponentially growing security perimeter cannot be protected effectively anymore with legacy network-based security controls, are shifting their focus to identity-first security, positioning identity as the primary control plane for cybersecurity. With identity as the new security perimeter, the effort to safeguard the entire network is now translated into carefully authenticating every identity requesting entry into the network,” said Manikandan Thangaraj, vice president of ManageEngine.

Strong identity management is fundamental in achieving identity-first security, requiring a tactical reallocation of investments in identity and access management (IAM) strategies. “Identity-first security helps enterprises establish enhanced trust and control over their network. ManageEngine aims to fill the gaps of the legacy network-based security approach and, more importantly, help organizations align with the principles of Zero Trust through its solutions,” Thangaraj said.

ManageEngine Attains New Milestones in Identity-First Security
Enterprises with a decentralized digital architecture must ensure that identity-first security measures are deployed throughout the entire distributed network, i.e., access to all the endpoints in the network must be protected with MFA. ManageEngine Identity360’s MFA for endpoints secures end users’ machines, servers, workstations and critical system actions performed using privileged user accounts.

Identity-first security does not end with securing all endpoints with MFA. It is vital to employ high-assurance MFA methods that are capable of resisting evolving cyberthreats. ManageEngine ADSelfService Plus’ FIDO2 authentication boosts identity security by resisting phishing and replay attacks, while improving users’ authentication experiences with passwordless methods. “FIDO2 authentication helps companies strengthen their grip on identity-first security. It is a secure, user-friendly and cost-effective authentication mechanism helping organizations resist phishing attacks and achieve regulatory compliance,” Thangaraj said.

Alongside authentication, access provisioning is also important in ensuring that an organization’s workforce has seamless access to necessary resources. ManageEngine, with its recent launch of just-in-time (JIT) user provisioning in ADSelfService Plus, automates user account creation across various enterprise applications, reducing the burdens of IT administrators and providing prompt, hassle-free access for end users.

ManageEngine’s Identity-First Security Facilitates Regulatory Compliance
Implementing ManageEngine’s phishing-resistant FIDO2 authentication and securing endpoints in the network with recognized MFA techniques make organizations compliant with regulatory standards such as the GDPR, the NIST Cybersecurity Framework, the PCI DSS, the CCPA and the PSD2. In addition to meeting regulatory requirements, the adoption of identity-first security enhances organizations’ chances of securing cyber insurance in a fiercely competitive market.