

If your organization relies on a mix of cloud-based and local applications, then Azure AD CBA (Certificate-Based Authentication) may be a better fit. If your organization already has an established Certificate Authority (CA) associated with your Active Directory and supports mainly local applications, then you can follow these guides to integrate and deploy phishing-resistant MFA for your users.

Do you have (or plan to implement) a standard onboarding process with supplied hardware and credentials, or are users encouraged to bring their own devices? Will users mainly be working from central locations, or are they geographically dispersed?

Do the applications have local clients, or are they accessed via a web browser? Do you have an SSO solution in front of any of them already? Will you be solely focused on application logon, or will you need to include device sign-in as well?

For each point, consider the use cases that you need to fulfill. If your existing technologies rely mainly on an on-premises Active Directory infrastructure, you may already be well situated for several of the following decision points.

Phishing-Resistant MFA - On-premise Infrastructure
