Previous Topic

Next Topic

Book Contents

Book Index

User Authentication - Multi-Factor Authentication

Multi-factor authentication protects MOVEit Transfer accounts from unverified users when a user's account password is lost, stolen, or compromised. To verify user identity, MOVEit Transfer gives users private access to a uniquely-generated verification code (made available by email or mobile app). This additional verification step ensures user sign on is genuine.

Allow MultiFactorAuthentication Allow Multi-Factor Authentication... Enables MFA, organization-wide. (Check this box to reveal the full set of MFA administrator controls)

(MFA Administrator Controls Panel)

Best Practices for Applying MFA to Your Organization

Typical administrator tasks for 'roll-out' of multi-factor authentication follow:

1.

Check your site's data requirements.

  • HIPAA, SOX, PCI, and so on typically require identity verification controls (MFA, for example) for administrator users.
  • Email affected users of the upcoming roll out of the new verification process.
  • If needed for policy compliance, give a time window where the selected users can expect to see a change in their sign on process.
  • If optional only, you can explain the benefits through email using links from the MOVEit Transfer User Guide or the Sign On Help.

2.

Allow Multi-Factor Authentication...Allow MultiFactorAuthentication

  • Users can now opt in from MY ACCOUNT page to use designated methods (Available Methods).
  • (At their next sign in, users will be guided through the set up process.)

3.

Add Available Methods.

  • (Optional setting) Authenticator app by way of a mobile device is the default.

4.

Enable Remember this Device.

  • (Optional setting) Without this convenience, users will need to verify each time they sign in even after session timeouts.

5.

Enforce Multi-Factor Authentication. (As policy)

  • (Optional setting) Selected users will be required to set up their account and sign on using MFA at next sign in. Set up screens will guide them through the process.
  • Users using SAML at sign in will not be affected.
  • Individually exempted users will not be affected.
  • (Optional setting) Organize exempted users into groups for tracking purposes.

Note: To learn more about how MOVEit Transfer users interact with multi-factor authentication (at sign-on and in MY ACCOUNT settings) see the MOVEit Transfer User Guide.

How Does MFA Affect My Users?

Multi-factor authentication in MOVEit Transfer is:

Tip: Multi-factor authentication adds another step in the MOVEit Transfer user sign-on sequence. Users can eliminate this step by adding the current device to a list of trusted clients by selecting the "Remember this device" option at sign on.