Secure Access to Azure and Office 365

Documents and information stored in cloud applications such as Office 365, Google Docs and SalesForce are available from any browser in the world yet they contain confidential company information. Knowing who is accessing the information from both inside and outside the network is critical. Cloud protection should go beyond just the data, it should protect the infrastructure too. This includes Azure administrator access, Mobile device management, Outlook and Email client connectivity.

In this scenario, relying on a password-based only authentication strategy is highly risky. Multi-factor authentication is widely considered to be the best alternative to a simple password-based security when authenticating against browser-based and cloud-connected applications. Both Azure and Office 365 do include some basic 2FA functionality however they are lacking key protection features compared to Authlogics.

Multi-Factor Authentication In Every Scenario

Multiple Factors

We offer both device-less 1.5 Factor Authentication that does not require a second physical device, and more secure 2 Factor Authentication via email, SMS/TEXT, YubiKey hardware token and Authlogics Authenticator soft token.

Multiple Technologies

Each user licence includes PINgrid, PINphrase and PINpass authentication technologies to suit every authentication requirement. You can choose which ones to use per user, and change whenever you like.

Multiple Clients

Our technology works great in a browser and because we support OAuth 2.0, we also integrate with Modern Authentication applications such as Microsoft Office, Skype for Business, OneDrive for Business, ActiveSync and Workplace Join.

How Our Technology Works

Authentication Server integrates directly with Active Directory and ADFS to provide trusted and proven security when federating with Office 365 and Azure services, with minimal setup and management complexity.

Our solution greatly reduces setup and deployment overhead by integrates directly with your existing Active Directory infrastructure. We provide a consistent authentication experience for users when logging into any environment, whether it be cloud-connected desktop applications or in the browser, and offers a flexible level of authentication factors and authentication types to suit any scenario included in a single user licence.

ADFS with Office 365

Authlogics ADFS Agent with Office 365 authentication workflow

Office 365 Clients and Apps

The client side of Office 365 is often overlooked but is vitally important. When you enable Multi Factor Authentication with Office 365 (from any vendor), by definition, you make a username and password only combination redundant. As such, any client application that asks for and remembers a password will no longer work. Microsoft has addressed this issue with “Modern Authentication” which is built into all the Office desktop apps (Office 2013 and higher).

When required, the office app, e.g. Outlook, will present a mini web browser view of a logon page allowing for a new logon process which includes Multi Factor Authentication – including Authlogics. From a user’s perspective, it is similar to how a Microsoft Account works with consumer based services.

Modern Authentication is already built into many Microsoft applications including Outlook, Skype for Business, Active Sync and Workplace Join.

iPhone PINgrid web logon 4

Feature Comparison

Microsoft’s MFA solution is primarily built around the OATH One Time Pin standard used by most vendors (including Authlogics PINpass). It also supports “Push” notifications via a mobile app.

Microsoft includes a limited version of their MFA solution (Multi-Factor Authentication for Office 365) with all Office 365 SKUs which covers some basic scenarios. Furthermore, Microsoft offer a more feature complete version of their MFA solution (Azure Multi-Factor Authentication) which is available as part of the more expensive Azure AD Premium and Enterprise Mobility Suite services.

Multi-Factor Authentication for Office 365 is limited to Office 365 applications only and administered via the Office 365 portal, so if you require secure Single Sign-On to other cloud providers or On-Premise applications this is not an option. For those features you will need to upgrade (for a fee) to Azure Multi-Factor Authentication which gives you “One-Time Bypass”, reporting, and allows you to install an On-Premise server (essentially the recently purchased Phone Factor product). The down side to this is that you need to administer the On-Premise and Cloud offerings separately as there is no integration.

Feature \ Solution
Azure MFA
MFA for Office 365
Multiple authentication technologies
1.5 Factor Authentication option
Mobile App token
Real-Time SMS token delivery
Pre-Send SMS token delivery
Email token delivery
3rd Party Cloud support
On-Premise app support
Self Service AD password reset
Emergency Bypass Codes
2FA PIN option
Authentication SDK
Web API (100% automation)
Uses AD as a database (no syncing)
Log on to Windows Desktops
Based on publicly available data Mar 2017.