AuthPoint by WatchGuard: How the New Cloud-Based Multi-Factor Authentication Solution is Eliminating the #1 Vulnerability Faced by SMBs

TL; DR: Network security leader WatchGuard found in a recent study that 84% of small to medium-sized businesses are seeking to protect their organizations with more than just password security. However, the vast majority of these SMBs cited cost as a major impediment to implementing a more advanced multi-factor authentication (MFA) solution. In response, WatchGuard developed AuthPoint — a new cloud-based MFA service priced with the small and mid-market in mind. AuthPoint can be deployed and managed from any location without the need for expensive hardware components. The service relies on WatchGuard’s AuthPoint app to facilitate user authentication in an intuitive, convenient way while leveraging advanced technologies to prevent unauthorized access to networks.

It’s no secret that data breaches have become increasingly common. In fact, the first half of 2018 saw 668 breaches, which exposed more than 22 million records. Not surprisingly, many of these network intrusions were the result of human error.

Nearly 90% of passwords in use today are considered weak and can be easily compromised by those with malicious intent. As a result, large, enterprise-level organizations have instituted safeguards, such as multi-factor authentication (MFA), to prevent data breaches. However, these solutions are expensive and have long been considered well above budget for the small and mid-market businesses that require the same level of protection as their larger cousins.

A recent survey of SMB owners and IT managers revealed that nearly all of them want something more secure than just passwords to lock down their networks. And, for the first time, a robust MFA solution is within their reach.

WatchGuard Technologies, a leader in advanced network security solutions, has unveiled a cloud-based multi-factor authentication solution designed for SMBs. It’s called AuthPoint, and we’re happy to recognize the product with our Developers’ Choice™ award for delivering an easy-to-implement, enterprise-grade MFA solution at prices accessible to any business.

“We know that the majority of data breaches involve lost credentials, and since criminals target organizations of all sizes, multi-factor authentication is now a prerequisite for all businesses,” said Alex Cagnoni, Director of Authentication at WatchGuard. “In the absence of MFA, criminals can utilize a variety of techniques to acquire usernames and passwords — such as spear phishing, social engineering, and stolen credentials lists that can be purchased on the Dark Web — to gain network access and then steal valuable company and customer data.”

Alex noted that the average person has more than 90 separate online accounts and a penchant for reusing the same login credentials. And this combination constitutes a massive security risk for every organization relying on login credentials.

“People usually have just three or four passwords and use them for many accounts,” Alex said. “This is a big reason why protecting passwords and credentials is so important.”

WatchGuard asked independent market research firm CITE Research to survey small business owners and IT managers at companies with fewer than 1,000 employees across the US, the UK, and Australia. The results were surprising and distressing.

Although most IT managers surveyed claimed they provide some password training or policies to employees, 47% believed that employees still use weak passwords, 31% thought employees use network passwords for personal applications, and nearly half suspected that their employees use simple or weak passwords.

The main problem? Most small businesses believe password security is the best they can do. The top reasons companies cited for not implementing MFA revolve around difficulty of setup, maintenance concerns, and — the big one — cost.

Alex told us that AuthPoint aims to break down the long-standing barriers between SMBs and MFA adoption.

“It’s affordable, easy to deploy, and vastly scalable,” he said. “And this is all made possible by WatchGuard’s cloud-based approach to authentication. SMBs need an intuitive, cost-effective MFA solution, and we are giving it to them.”

WatchGuard uses an innovative approach to user authentication called Mobile Device DNA that distinguishes cloned login attempts from legitimate ones. The AuthPoint app creates personalized “DNA” signatures for user devices and adds them to the authentication calculation.

The result is that authentication messages not originating from a legitimate user’s phone will be rejected. The app supports multiple authenticators, including PIN, biometric, and uses the phone camera to read QR codes for offline scenarios. Users can even respond to authentication push messages without opening the app.

“The app is also equipped to store third-party authenticators, including Google Authenticator, Facebook access, and Dropbox, among others,” Alex said. “AuthPoint protects VPNs, Web Apps, PC login, and more.”

For administrators, management of AuthPoint is even easier.

“AuthPoint is a cloud-based solution — requiring no on-premises equipment — so SMBs don’t have to hire people to specialize in MFA management or manage authentication infrastructure and hardware,” Alex said.

Management of every aspect of AuthPoint is handled through the WatchGuard Cloud Dashboard, which means it can be done from any internet-connected device. It’s quick and simple so anyone would be able to do things like create resources or to allocate users to groups.

Users can be synchronized using AD or LDAP facilitating enrollment and MFA provisioning. Each user may even have more than a single authenticator device, such as a smartphone and a tablet. Detailed and instantaneous reporting lets managers see successful and failed authentication attempts, instantly identifying suspicious activity, as well as understand authentication over time and usage by resource.

Alex said seamless, instant function to your account is the goal.

“Once you buy the subscription and activate it, AuthPoint is up and running for your organization in a second,” he said. “It’s really simple. It’s a very smooth customer experience.”

WatchGuard’s ecosystem includes dozens of third-party integrations with AuthPoint. This allows companies to mandate that users undergo the authentication process before accessing sensitive cloud applications, VPNs, and networks.

Moreover, AuthPoint supports the SAML standard, allowing users to log on once to access a full range of applications and services.

“Our mission is to transform security from something that’s complex into something that’s simple for our customers,” Alex said. “To reach them, we work with channel partners, both for MFA and for our other security solutions. We, therefore, have to make it not only simple for end-users, but something that’s simple for the channel to sell or, in the case of AuthPoint, even simple to manage themselves.”

The HostingAdvice team is proud to recognize WatchGuard’s AuthPoint with our Developers’ Choice™ award. The affordable, intuitive, cloud-based multi-factor authentication solution is giving SMBs the protection they need to thwart their #1 network vulnerability.