Using MFA to Secure Your Assets Through OneLogin

With weekly database compromises ruling the headlines and more promotions than ever for security services that protect you from identity theft, there's not much left for IT managers to do but sweat bullets each morning they're met with the server room of the company or university they work for.

Security concerns have been around for as long as computers have existed, but we long for the days before the Internet when it was a simple task of locking down your device with a password. Nowadays, simply connecting your device to your ISP could instantly compromise the system without running anything.


It's not getting better. More complex forms of malware are finding their way into consumer devices both mobile and desktop, and these consumers then pass it on to bigger and more important connections where they can eventually find themselves in databases and their connected devices. If it's not strictly automated malware, it might simply be a hacker who's gained the necessary relay keys and worked out the encryption to jump from point to point in cyberspace as if they're an administrator. Just think: It all started with someone's child clicking that one strange link on Facebook and accidentally sharing vital profile information.


It doesn't normally happen like that, but it's certainly one way that companies can find themselves at the mercy of malicious code handler. For the large part, it's a matter of such entities interacting with the out-facing aspects of the infrastructure to find vulnerabilities, then applying a little pressure with the right programs until they're in the ventilation shafts James Bond-style. Of course, discovering flaws in the flue is like sweeping up dimes in a parking lot: The bigger it is, the more you'll find.


Major enterprises such as Walmart, Target or Best Buy are especially problematic in this regard because the sheer volume of their operations makes it incredibly difficult for any kind of little-league, short-term or in-house security firm to adequately cover all the bases. It's not as simple as "protect everything that belongs to Walmart"; it's also the myriad third-party agencies that are contracted by such companies and dispatched to meet field goals. That means Target's RMS, CAST and ASM connections are as important to their operations as they are liabilities.

OneLogin Compared To Other Vendors

It's more complicated than just axing the vendors; they're crucial to the success of these businesses. The next step for these companies is to focus on the security protocols that support their databases, cloud connections and user accounts, and more brands are turning to OneLogin for assistance. OneLogin, a dedicated network mediation service, completely seals off the infrastructure and leaves only a single opening for anyone to enter through. This opening is none other than a unified app or web portal for representatives to login through using a multifactor authentication (MFA) system to validate their likeness with a one-time password (OTP) to cover up their tracks.


Of course, MFA has been around for awhile, so what makes OneLogin special for using it? The answer lies in their execution: Not only is their MFA particularly advanced and intelligently balanced, it's also blended in with a bag of tricks such as SecurID and proprietary softwares like OneLogin Protect. The single sign-on (SSO) approach seals off all but one gateway into the system using an airlock-esque throwaway password protocol that's verified through four layers of authentication logic:


  • Security questions
  • SMS texts
  • Hardware certificates
  • App verification alerts


The surprising part of this system is that it's only inconvenient for illegitimate users who are attempting to gain access by impersonation or other means; an actual user who meets all the expected marks after the first login can gain access to the system instantly without a sweat. This sounds insecure in some ways, but in truth, OneLogin's system looks for certain markers that all but guarantee who's on the other end of the line. However, companies and their users will still have the option of manually logging in each time if they choose.

Securing Your Network

The bottom line here is that security is getting more problematic, and it's quintessential for every entrepreneur to consider investing in a buckled-down security system before it happens to them. Trust us — it can happen to anyone. More importantly, you might want to put some of that trust into OneLogin to do it best.