Secure Access to Azure and Office 365

Documents and information stored in cloud applications such as Office 365, Google Docs and SalesForce are available from any browser in the world yet they contain confidential company information. Knowing who is accessing the information from both inside and outside the network is critical. Cloud protection should go beyond just the data, it should protect the infrastructure too. This includes Azure administrator access, Mobile device management, Outlook and Email client connectivity.

In this scenario, relying on a password-based only authentication strategy is highly risky. Multi-Factor Authentication is widely considered to be the best alternative to simple password-based security when authenticating against browser-based and cloud-connected applications. Both Azure and Office 365 do include some basic 2FA functionality however they are lacking key protection features compared to Authlogics. Authlogics can provide passwordless and deviceless access to Cloud applications.

Multi-Factor Authentication In Every Scenario

Multiple Factors

We offer both device-less Deviceless OTP that does not require a second physical device, and more secure Multi-Factor Authentication via email, SMS/TEXT, YubiKey hardware token and Authlogics Authenticator mobile app.

Multiple Technologies

Each user licence includes all our authentication technologies to suit every authentication requirement. You can choose which ones to use per user, and change whenever you like.

Multiple Clients

Our technology works great in a browser and because we support OAuth 2.0, we also integrate with Modern Authentication applications such as Microsoft Outlook, Teams, OneDrive for Business, ActiveSync and Workplace Join.

How Our Technology Works

Our solution integrates directly with Active Directory and ADFS to provide trusted and proven security when federating with Office 365 and Azure services, with minimal setup and management complexity.

We provide a consistent authentication experience for users when logging into any environment, whether it be cloud-connected desktop applications or in the browser, and offers a flexible level of authentication factors and authentication types to suit any scenario included in a single user licence.

ADFS with Office 365

Authlogics ADFS Agent with Office 365 authentication workflow

Office 365 Clients and Apps

The client-side of Office 365 is often overlooked but is vitally important. When you enable Multi-Factor Authentication with Office 365 (from any vendor) you forgo the username and password by themselves. As such, any client application that asks for and remembers a password will no longer work. Microsoft has addressed this issue with “Modern Authentication” which is built into all the Office desktop apps (Office 2013 and higher).

When required, the Office app (e.g. Outlook) will present a mini web browser view of a login page allowing for a new login process which includes Multi-Factor Authentication. From a user’s perspective, it is similar to how a Microsoft Account works with their consumer-based services.

iPhone PINgrid web logon 4

Feature Comparison

Microsoft’s MFA solution is primarily built around the OATH One Time Pin standard used by most vendors (including Authlogics PINpass). It also supports “Push” notifications via the Microsoft Authenticator app.

Microsoft includes a limited version of their MFA solution (Multi-Factor Authentication for Office 365) with all Office 365 SKUs which covers some basic scenarios. Furthermore, Microsoft offers a more feature-complete version of their MFA solution (Azure Multi-Factor Authentication) which is available as part of the more expensive Azure AD Premium and Enterprise Mobility Suite services.

Multi-Factor Authentication for Office 365 is limited to Office 365 applications only and administered via the Office 365 portal, so if you require secure Single Sign-On to other cloud providers or On-Premise applications this is not an option. For those features, you will need to upgrade (for a fee) to Azure Multi-Factor Authentication which gives you “One-Time Bypass”, reporting, and allows you to install an On-Premise server (the recently acquired Phone Factor product). The downside to this is that you need to administer the On-Premise and Cloud offerings separately as there is no integration.

Feature \ Solution
Azure MFA
MFA for Office 365
Multiple authentication technologies
Deviceless Authentication
Passwordless Authentication
Mobile App token
Real-Time SMS token delivery
Pre-Send SMS token delivery
Email token delivery
3rd Party Cloud support
On-Premise app support
Self Service AD password reset
Emergency Bypass Codes
2FA PIN option
Authentication SDK
Web API (100% automation)
Uses AD as a database (no syncing)
Log on to Windows Desktops
Based on publicly available data Mar 2017.