Akamai Technologies on Wednesday announced the launch of Akamai MFA, a new multi-factor authentication (MFA) solution designed to help companies defend against phishing attacks and quickly deploy the technology without hardware security keys.
According to the company, Akamai MFA uses a smartphone app that turns a user’s mobile device into a hardware security key, allowing companies to quickly deploy FIDO2 MFA without having to deploy and manage security keys.
The company’s solution is designed to deliver a phish-proof, easy-to-use experience for employees and is based on the strongest standards based method available, leveraging FIDO2 and a sealed challenge/response flow, “allowing enterprises to get the best multi-factor security without additional costs, and provides a simple upgrade path as their authentication needs evolve.”
This improves on current MFA approaches that don’t use FIDO2 and can be easily manipulated and replated by attackers using phishing or man-in-the middle attacks, according to the company. Hardware keys had been a solution, but those represent additional costs and the need for IT to manage them.
“Standard second factor push notifications are easily compromised unless enterprises deploy and manage hardware security keys, which adds significant complexity,” said Rick McConnell, the company’s president and general manager of security technology, in a statement. “Akamai MFA delivers all of the benefits of FIDO2 standards and uses a phish-proof push on a smartphone that enables enterprises to move to the next-level of MFA security without the need for hardware security keys.”
Akamai MFA is deployed on the Akamai Intelligent Edge Platform and can be activated and managed centrally via the company’s Enterprise Center solution for scale, resilience and performance. It can integrate with security providers including Microsoft Azure AD< Okta, and Akamai’s own Enterprise Application Access.
Other integrations are supported for Secure Shell and Windows Login use cases, according to the company.