Skip to main content

How is Fourth Defending Against Online Threats, such as Ransomware?

Comments

7 comments

  • Official comment
    Michael Hordern

    Hi Tom, Bronwen,

    Thank you for your questions.

    Multifactor Authentication for login to Engage and the Fourth app is already available for customers using Fourth as their IDP.  If you want this enabled for your users' profile(s) then please speak to your customer representative.

    Once this is activated then users accessing Engage, and admin users accessing the portal/console, using a Fourth Account and password would be subject to this additional restriction.

    And in those cases where an authorised Fourth employee “impersonates” a user who has MFA enabled, for troubleshooting purposes, that user would still need to approve the login via their second factor in order for the Fourth employee to gain access.

    Note that if a customer uses their own external IDP (like ADFS, Okta, etc.) then it is likely that that system will be responsible for authentication of the user via one or multiple factors.

    Thanks,

    Michael

  • Tom Mercer

    Is there a plan to launch multi factor authentication for Engage log in?

    1
  • Bronwen White

    Building on Tom's question, I'd also like to know if MultiFactor login is used by Fourth staff accessing our portal? And is MFA a possibility for for our admin users who do not use SSO via Engage? (They log straight into the portal using a traditional login and password)

    0
  • Tom Mercer

    Good point re Fourth staff. For reference, this is a question posed by our IT team as it is their expectation that this can be enabled or at the very least is in development.

    0
  • Tom Mercer

    Thanks Michael. Coming from a very non tech brain, what is an IDP and how do I know if we're using Fourth as the IDP?

    0
  • Michael Hordern

    Sorry Tom but we love a good TLA* in the software game.

    IDP stands for identity provider which is a service that creates, stores and verifies user identity using one or more authentication factors, such as a password or an authenticator app on your phone. 

    The idea of multi-factor authentication is to increase the certainty that the user is who they say they are by asking for more than one thing; usually "something you know", like a password, and "something you have" like your phone.

     

    You're probably using Fourth as your IDP if you log directly into Engage (or the Fourth app or the admin console) with a username and password today. 

    However, if you log in somewhere else first then your probably using an external IDP.  Your IT department would be able to tell you for certain because they would have worked with us to configure it (or you could ask your Fourth rep).

    Hope that helps.

    *three letter acronym

    0
  • Tom Mercer

    Thanks, we do indeed log directly into Engage with username and password. LSNT*

    *Learnt Something New Today

    0

Please sign in to leave a comment.