Use Mobile Devices for a Better Authentication Solution

decorative image

Critical enterprise systems – especially cloud applications – are more exposed than ever before because of the growing threat of cybercrime. Data breaches and cybersecurity threats are some of the biggest roadblocks to realizing the full potential of the Enterprise of Things —the growing range of devices connected to your organization.

Passwords alone are not enough for the expanding number of endpoints in your network. Two-factor authentication is essential, but legacy solutions are expensive, difficult to manage, and hard to use.

BlackBerry® 2FA, part of BlackBerry® Secure, a comprehensive endpoint-to-endpoint security solution, leverages mobile devices to solve this problem in a modern way. It delivers simple, highly secure, highly usable user authentication for your key cloud apps, VPN, and other on-premises systems. With BlackBerry 2FA, user authentication for critical enterprise systems is BlackBerry Secure.

Improve the Authentication Experience for Employees

Security is critical to your organization, but so is employee experience and morale. BlackBerry 2FA delivers a positive user experience, and supports a wide range of employee devices (iOS, Android™, and BlackBerry®). Once employees have registered one or more mobile devices, they can access critical systems simply by entering their usual password and clicking OK on a registered mobile device to authenticate.

It’s a simple, high-security solution, with an improved user experience compared with legacy two-factor authentication systems.

  • Eliminates the frustration of complex, multi-step authentication processes
  • Removes the need to remember PINs, carry additional devices, or manually transcribe codes from tiny screens
  • Provides a superior, one-click user experience
  • Enables access to critical systems, even in emergencies or special situations
  • Allows for the use of multiple, preferred devices

Safeguard Your Critical Systems

More and more organizations today are recognizing that their current two-factor authentication systems are inadequate, because they:

  • Offer a complex and frustrating user experience
  • Don’t adequately protect cloud apps
  • Use consumer-grade SMSs or voice callbacks, both susceptible to malware
  • Force authentication into the cloud to protect on-premises systems
  • Rely on unmanaged devices for authentication

You know you need more than just user passwords protecting your organization’s high-value systems, whether it’s critical cloud apps like Microsoft® Office 365™ and Salesforce®, or your VPN. You need a second factor, not just something that users know (like passwords) but also something users have. More than anything else, users have their mobile devices with them throughout the day.

BlackBerry 2FA provides strong, high-security user authentication that safeguards your cloud apps, while still protecting your existing VPN. It uses Certificate-Based Authentication of employee devices via an on-premises server.

Combined with other software and services from BlackBerry, BlackBerry 2FA can also help you to comply with regulations, including the EU’s incoming General Data Protection Regulation (GDPR).

Deploy Based on Your Organization’s Needs

BlackBerry 2FA offers flexible deployment options. You can choose to make the move to BlackBerry 2FA all at once with simple, quick deployment. Or you can opt to deploy for a chosen number of users, then work in parallel with your legacy system and easily scale up as desired.

It allows automatic provisioning to devices managed by BlackBerry® UEM, and a simple activation procedure for users with other devices. In either case, no IT support is required. There are no new physical devices to ship, and no seed files to manage. And you can easily set up BlackBerry 2FA on as many devices as users have.

Support Every Type of User

With BlackBerry 2FA, you can provide two-factor authentication to every type of user inside and outside your organization—from traditional employees and part-time contractors to partners. It supports unmanaged devices and devices managed by a third party, so it can easily map onto almost any device external users may have. If they have a device, you can provision remote users without requiring any new hardware.

BlackBerry 2FA supports affordable, standards-based hardware tokens for users without mobile devices, or users unwilling to put software on their devices. Compared with legacy hard tokens on the market, the tokens supported by BlackBerry 2FA are designed to be less expensive, have longer battery life (typically double), and are available through a wide range of vendors.

Lower Your Operating Costs

BlackBerry 2FA has low up-front costs, with no new authentication devices or infrastructure required. Legacy two-factor authentication systems are expensive to maintain. They often have high maintenance or subscription fees, in addition to high operational costs due to complex provisioning and heavy use of IT resources for resolving user issues.

BlackBerry 2FA virtually eliminates help desk requests that occur frequently with legacy two-factor authentication systems, such as forgotten PINs and lost hard token devices. User errors are also drastically decreased.

Equip Users to Self-Rescue

BlackBerry 2FA offers optional features that can ensure users always have access to your cloud services, VPN, or other systems they need to keep working – without involving IT. Users can pre-authenticate ahead of known network connectivity loss – for example, heading into an area of poor network coverage or air travel.

For device loss, a portal allows users to self-rescue , or even register a replacement device, as appropriate.

Get Started

Purchase BlackBerry 2FA as a part of the BlackBerry® Enterprise Mobility Suite.