Ransomware attacks are not only on the rise, but also targeting your backups. Multi-Factor Authentication (MFA) secures the credentials protecting this critical last line of defense. Rubrik strongly encourages customers to implement MFA on all Rubrik access methods.
A Time-based One-Time Password (TOTP) enables two-factor verification for local and LDAP users to enhance existing MFA capabilities and safeguard user accounts accessing the Rubrik web UI and CLI.
How MFA Works
MFA is an effective security control for protecting both on-premises and public cloud data. This method protects against stolen credentials by requiring additional authentication steps (or factors) before granting access. Common factors are username and password, numeric codes from an authentication app, or physical security keys.
If one of the factors (commonly, the password) has been compromised by a hacker or unauthorized user, the chances of another factor also being compromised are low. Thus, MFA provides confidence in the user’s identity.
MFA for Single Sign-On (SSO)
For SSO integration, Rubrik integrates with SAML 2.0 Identity Providers (IdP), enabling users to access multiple applications with a single set of credentials. SAML providers can support multiple types of MFA schemes. Typical providers include Okta, Duo, and Ping Identity.
Learn More About Using MFA with Rubrik
Blog Post | Jul 13, 2021
Defeating Ransomware with Multi-Factor Authentication (MFA)
As more organizations confront ransomware threats, IT teams must take proactive steps to protect data and applications, which have become a high-value target for attackers. One of these steps is enabling multi-factor authentication (MFA) wherever possible, especially in the backup environment.
Blog Post | Aug 5, 2021
How Intrusion Risk Controls Ward off Ransomware Hackers
Ransomware hackers today are getting smarter and more sophisticated. The new object of their desire is often your backups, and the only way to protect them is to keep them inherently secure. This is why security must begin at the point of data.