ManageEngine AD SelfService Plus Adds MFA for UAC To Protect Privileged Accounts
Organizations Can Now Secure Privileged Accounts By Fortifying Authentication For UAC Prompts
- Provides up to three levels of authentication besides the default credentials using methods such as biometrics, Google Authenticator and YubiKey
- Supports contextual authentication based on time of user access, geolocation and more.
- Feature available as part of Endpoint MFA add-on.
- Download a 30-day, free trial of ADSelfService Plus at mnge.it/ayh
CHENNAI, India — October 6, 2022 — ManageEngine, the enterprise IT management division of Zoho Corpor ation, today announced that ADSelfService Plus, an identity security solution with MFA, SSO and self-service password management capabilities, has released MFA for Windows User Account Control (UAC) prompts that require credentials for added security. This feature is available as part of the product’s Endpoint MFA add-on.
A recent report published by Verizon states that up to 40% of data breaches are the result of stolen credentials. MFA remains one of the top-runners for mitigating credential theft. When implementing MFA to protect the en terprise network, logins to machines, VPNs and cloud applications are usually considered. But, compre hensive security policies do not stop with just login protection. UAC prompts, especially Run as administrator prompts, a re another major function that requires protection, as these prompts provide non-privileged user accounts with privileged permissions to perform tasks they wouldn’t be able to otherwise.
NIST SP 800-171 mandates using MFA to protect local and network access to privileged accounts, which inclu des UAC prompts. An increasing number of cyber liability insurance providers are also instating MFA for all ne twork access attempts as a prerequisite for insurance eligibility or renewal.
“When implementing MFA for a stringent security framework like Zero Trust, enterprises must leave no stone u nturned. Protecting UAC prompts with MFA is crucial, as misuse of administrator credentials can provide eleva ted permissions into the domain network and lead to sensitive data exposure and theft,” said Parthiban Param asivam, director of product management, ADSelfService Plus. “ADSelfService Plus helps secure UAC prompts an d thwarts bad actors from gaining privileged domain access, without disrupting the workflow of genuine users.”
Using ADSelfService Plus’ MFA Feature to Secure UAC Prompts
ADSelfService Plus supports up to 18 different authentication methods for its MFA feature. Admins can leve rage the myriad of options including biometrics, TOTP and hardware keys, and tailor the solution to fit organ izational requirements.
Other unique attributes of ADSelfService Plus’ MFA feature include:
- Automated adaptation of authentication policies based on the user’s time of access, geolocation, IP address and device.
- Comprehensive reports to track authentication attempts and failures.
Apart from UAC, ADSelfService Plus helps protects machine logins (Windows, Linux, macOS); VPNs and other network endpoints using RADIUS; and OWA and other IIS web applications using MFA. ADSelfService Plus also helps enforce advanced password policies that go a step above the existing domain password policy through rules like banned use of palindromes, patterns and dictionary words.
Pricing and Availability
MFA for UAC is available immediately in the latest edition of ADSelfService Plus as part of the Endpoint MFA ad d-on available for its Standard and Professional editions. Pricing for the Endpoint MFA add-on of ADSelfServ ice Plus starts at USD 395 annually for 500 users.
Pricing for the Standard and Professional editions starts at USD 595 and USD 1,195, respectively. ADSelfServ ice Plus also offers a Free edition for up to 50 users. The Free edition offers major features of the product incl uding SSO, self-service password management, password expiration notifications and advanced password poli cies. It can be downloaded at www.//mnge.it/Kid. A fully functional, 30-day trial version is available for down load at www.//mnge.it/ayh.
About ADSelfService Plus
ADSelfService Plus is an identity security solution to ensure secure and seamless access to enterprise resources and establish a Zero Trust environment. With capabilities such as adaptive multi-factor authentication, single si gn-on, self-service password management, a password policy enhancer, remote work enablement and workfo rc e self-service, ADSelfService Plus provides your employees with secure, simple access to the resources they ne ed. ADSelfService Plus helps keep identity-based threats out, fast-tracks application onboarding, improves pass word security, reduces help desk tickets and empowers remote workforces. For more information about ADSel fService Plus, visit www.//mnge.it/zAc.
About ManageEngine
ManageEngine is the enterprise IT management division of Zoho Corporation. Established and emerging enterp rises—including 9 of every 10 Fortune 100 organizations—rely on ManageEngine’s real-time IT management to ols to ensure optimal performance of their IT infrastructure, including networks, servers, applications, endpoin ts and more. ManageEngine has offices worldwide, including the United States, the United Arab Emirates, the Ne therlands, India, Colombia, Mexico, Brazil, Singapore, Japan, China and Australia, as well as 200+ global partners to help organizations tightly align their business and IT. For more information, please visit manageengine.com, f ollow the company blog and get connected on LinkedIn, Facebook and Twitter.