Two-Factor Authentication - January 7
Posted Jan 06 2009, 09:04 AM by Patrick Burns
We are pleased to announce the availability of Two-Factor Authentication for Autotask. This new enhancement to user access controls enables you to increase the protection of your sensitive data and allows technicians to log in to Autotask from remote/public terminals without the risk of key-loggers or password theft.
Order now -- free shipping to US locations for all orders placed before January 31, 2009! (Tokens can be ordered from within Autotask on the Resource and token management pages.)
What is Two-Factor Authentication?
Two-Factor Authentication (2FA) is an optional, enhanced security feature that enables you to activate a secondary layer of user access control to the Autotask application. The standard username and password are the first layer, and a special, temporary one-time-password is the second layer (or “factor”).
What makes 2FA meaningfully more secure is that the second factor is dynamic and temporal; a one-time-password is dynamically generated on demand by the user, by means of a device called a token, and can only be used at that moment for that particular user. It cannot be shared with or acquired by another individual either inadvertently or intentionally. 2FA is commonly used for access to highly sensitive equipment (like production servers), highly sensitive software applications (like banking websites) and highly sensitive proprietary systems (like enterprise networks).
How does it work in Autotask?
The user experience for 2FA is seamless. When a Resource is set up for 2FA, they enter through the regular login screen. After their standard username and password are authenticated, the user sees a secondary login page for the One-Time-Password (OTP). Pressing a button on the CryptoCard token generates the OTP, and the user is logged in once the OTP has been entered and validated.
2FA Administration
Administration for 2FA begins with token entry. Once you receive your tokens, they must be entered into the system and tested. Once an active token is saved, it can be assigned to a Resource and the Resource can be configured to require 2FA for login.
NOTE: There must be a unique, active token for each user you wish to configure for 2FA access.
Your Administrator also has the capability to manage day-to-day use of 2FA. 2FA access can be suspended for 24 hours, or indefinitely, if a user loses their token. Tokens can also be reassigned to a different Resource if you have staff turnover or responsibility changes.
Ordering Tokens
Tokens can be ordered from within Autotask on the Resource Edit page (Security tab) or the Two-Factor Authentication admin page, which is used to manage tokens (this page is located in Admin > Site Configuration > Resource Setup). Orders are processed within 2 business days and should be received in the US within 10 business days. Delivery times for international orders may vary. For questions or custom inquiries, email tokensales@autotask.com.
Cost
The cost for 2FA is $149 / £115 / €130 per token. This includes the monthly service fee for the lifetime of the token, and is a limited-time offer. Later in 2009, there will be a monthly service fee for all tokens purchased after the new rate plan is implemented. Shipping costs (and applicable taxes or surcharges) will be added to each order, and may vary from time to time. For the month of January 2009, shipping fees will be waived for all orders shipped to US locations.
2FA works for Autotask Pro/Go!, Autotask LiveMobile and any existing authentication workflow that hits the standard login page (e.g. ExecuteCommand API). It is currently supported in the hosted version of Autotask only.