The word free has multiple meanings according to the Merriam-Webster dictionary. Among them are “not restricted”, “not costing”, “relieved from something burdensome”. When a solution is free or bundled with Enterprise License Agreements (ELA) and is used as key decision driver towards purchasing or rolling out Multi-Factor Authentication (MFA) the hidden costs are overlooked leading to return on investment challenges. An Identity and Access Management (IAM) influencer or a decision maker thinking about free Microsoft Azure AD MFA need to consider the following three criteria and associated questions while making such decisions.
- A consolidated authentication framework to support diverse user population, variety of infrastructure & applications while mitigating identity specific attacks. Do organizations feel restricted or advancing in developing a consolidated authentication framework using a free solution?
- Overhead costs related to people & processes from supporting multiple vendors and managing multiple authentication platforms. Does having multiple authentication vendors cost organizations more?
- An authentication platform that helps IAM teams meet different regulatory requirements while supporting strong security policies. Do free solutions burden IAM teams more when trying to address MFA requirements as part meeting their regulatory needs (eg. PCI-DSS, DFARS, EPCS) ?
If the answer is a resounding yes to the above questions the next series of blogs will provide guide paths and recommendations on how to address those questions effectively. These recommendations should enable organizations & IAM teams make an informed decision when considering RSA SecurID Access or free Microsoft Azure AD MFA for their authentication needs.