When it comes to securing enterprise applications, one area that can no longer be overlooked is multi-factor authentication (MFA). Whether it's a new application with well-defined business requirements, a legacy application that received years' worth of audit exceptions or users demanding a simplified logon process, your organization needs a robust platform that delivers authentication credentials that are built for today’s escalating threats.

But that’s a tall order in a world that also demands a frictionless user experience and uninterrupted productivity. Authentication credentials should be strong enough to verify a person's identity, yet easy to use so they don't introduce unnecessary hurdles for the user or the organization's help desk. When considering which MFA credential to require, it's important to consider risk factors that can determine a user's behavior and device during the authentication process.

While authentication utopia is to ultimately eliminate passwords, it will take time to gain wide support and adoption as organizations evolve their environments. Luckily, Broadcom Software provides the MFA solutions needed to begin a passwordless journey.

Let's take a look at the top tier MFA solutions we deliver to organizations of virtually any size:

MFA solutions for all

On-prem or in the cloud with the VIP (Validation and ID Protection Service) Authentication Hub: A cloud-native multi-factor authentication and risk engine, built on microservices deployed in containers and orchestrated by Kubernetes. 

Deployed either on-premises or in cloud environments, this API-first solution can be fully stood up and managed within your DevOps processes. It provides robust policy orchestration, phishing-resistant credentials and a risk engine that incorporates user and device behavior. The extensible platform enables integration with external risk providers, identity platforms and, with the custom service provider interface, can consume almost any data source for decision processing.

A single VIP Authentication Hub (AuthHub) instance can support native integrations with modern applications and seamlessly integrate with SiteMinder protected applications.

Force multiply your team with VIP SaaS Service: A multi-factor authentication and risk service built for and delivered from Broadcom's cloud infrastructure. 

It shares similarities with VIP Authentication Hub in terms of risk service and authentication methods provided but is a separately designed and managed service. It trades policy flexibility and extensibility found in AuthHub for a U.S.-based hosted service that provides management-free operation and upgrades.

Achieve phishing-resistant authentication with SiteMinder WebAuthn: A web-browser API authentication standard that enables users to perform passwordless authentications to web-based applications and services. 

SiteMinder WebAuthn offers passwordless authentication delivered directly from SiteMinder starting with version 12.8.8. The WebAuthn standard defines how clients and servers handle passwordless authentication using public-key based credentials, hardware tokens (for example, Yubikey), or biometrics (for example, Touch ID or Face ID). This phishing-resistant authentication eliminates or complements password-based authentications. WebAuthn is delivered as an authentication scheme and can be applied to any SiteMinder protected application to enable passwordless credential authentication.

MFA credential options abound

Our VIP solutions provide a range of MFA credential options, designed to meet your unique needs.

• Passkeys: A phishing-resistant, password-less, software credential using cryptographic keys. When combined with on-device biometrics, the passkey will be protected from unauthorized use.
• Biometrics: A phishing-resistant credential that leverages the on-device biometric authenticator to register and validate the user identity.
• Security keys: A phishing-resistant hardware authenticator that is portable when multi-device use is a requirement. Just don't lose it!
• Mobile push: An out-of-band notification on the user's mobile device that requires a response to complete the authentication process. An additional number challenge helps prevent an MFA fatigue attack.
• Mobile OTP: A software credential—one-time password—that provides a set of numbers that frequently change.
• Security code: A one-time password that is sent via SMS, email or voice.

Take the first step. A passwordless future awaits.