Last updated on September 23, 2024
Here is a compilation of commonly asked questions about the Rublon platform.
Rublon MFA – Frequently Asked Questions
How is Rublon MFA different from other multi-factor authentication solutions?
Rublon MFA stands out due to its compliance with a myriad of cybersecurity standards and regulations (GDPR, FTC Safeguards Rule, NIS2 Directive, HIPPA, ISO 27001, and NIST SP 800-63), compatibility with various business technologies (Windows, RDP, AD FS, OWA, Office 365, RD Gateway, RD Web Access, RD Web Client, RRAS), and support for both software (Rublon Authenticator) and hardware authentication (FIDO2). It’s a scalable solution that integrates deeply with Microsoft technologies and other platforms. Moreover, Rublon offers phishing-resistant authentication methods like WebAuthn/U2F, ensuring robust security. It is ISO 27001 certified, offers flexible subscriptions, and is made in the European Union. All these aspects make Rublon a comprehensive and user-friendly multi-factor authentication solution.
Which Identity Providers (IdPs) does Rublon MFA support?
Rublon MFA supports a wide range of Identity Providers (IdPs), including but not limited to Microsoft Active Directory, Azure AD, OpenLDAP, FreeIPA, and FreeRADIUS. This broad compatibility ensures that organizations can integrate Rublon MFA into their existing identity management infrastructure seamlessly, enhancing security without disrupting current workflows.
How does Rublon MFA help prevent Account Takeover (ATO) attacks?
Rublon MFA helps prevent Account Takeover (ATO) attacks by adding an extra layer of security to the authentication process. By requiring users to provide additional proof of identity beyond just a password, Rublon MFA significantly reduces the risk of unauthorized access. Even if an attacker obtains a user’s password, they would still need to compromise the second authentication factor like a FIDO2 hardware token or a mobile authenticator app. By requiring users to provide at least two forms of identification, Rublon MFA makes it significantly more difficult for unauthorized individuals to gain access to accounts, even if they have obtained the user’s password.
How does Rublon MFA help prevent phishing attacks?
Rublon supports phishing-resistant FIDO2 passkeys and FIDO U2F & FIDO2 security keys. FIDO U2F and FIDO2 security keys are cryptographic devices that provide strong hardware-based authentication resistant to phishing. FIDO2 passkeys are stored in a Passcode Manager’s local vault or on a FIDO2 security key, depending on whether they are software-bound or hardware-bound. Rublon MFA supports both software-bound and hardware-bound passkeys. By supporting phishing-resistant authentication methods, Rublon MFA significantly reduces the risk of phishing attacks and enhances the overall security of user accounts.
Can I choose the authentication method used during Rublon Multi-Factor Authentication?
Yes, Rublon MFA allows users to choose their preferred authentication method. Administrators in the Rublon Admin Console can set which authentication methods should be selectable for users. Options include Mobile Push, WebAuthn/U2F Security Key, Passcode, SMS Passcode, SMS Link, Email Link, QR Code, and YubiKey OTP Security Key. This flexibility ensures that users can select the method that is most convenient and suitable for them, while administrators can limit the use of some of these methods depending on the given application or user group.
Can I enable Rublon MFA for my VPN?
Absolutely. Rublon MFA can be enabled for VPNs to provide an additional layer of security. By doing so, you can ensure that only authorized users can access the corporate network, thereby protecting data and resources from potential threats. Here’s a list of some of the VPNs supported by Rublon MFA but you can enable Rublon for many more VPNs, as long as they support the RADIUS protocol.
Can I use an API to automatically do tasks in the Rublon Admin Console?
Yes, Rublon provides an API that allows you to automate various tasks in the Rublon Admin Console. This feature can help streamline your workflow and increase efficiency by reducing the need for manual intervention. Learn more by reading Rublon Admin API.
How does Rublon MFA integrate with existing IT infrastructure?
Rublon MFA integrates seamlessly with existing IT infrastructure using native connectors and APIs. It supports various business technologies like Windows, Active Directory, Remote Desktop, AD FS, VPN, SSH, and protocols such as LDAP, RADIUS, and SAML. For more detailed information on integrating Rublon MFA with various technologies, take a look at Rublon Documentation.
What types of applications can Rublon MFA protect?
Rublon MFA can protect a wide range of applications. It can secure access to networks, servers, cloud apps, endpoints, VPNs, and on-premise apps. It also supports various Microsoft technologies, RMM solutions like N-central and Datto, and platforms like Atlassian Jira and Confluence, WordPress, and more.
How does Rublon MFA handle user enrollment?
When it comes to enrolling users in the Rublon Admin Console, a few options exist. Users can be automatically added to the list in the Users tab after they successfully complete MFA for the first time or be added manually by an administrator. A third option involves sending approval emails to administrators that require explicit approval of each user.
How does device enrollment work in Rublon?
Users can self-enroll their devices during any sign-in to a service integrated with Rublon. The enrollment process involves adding the authenticator, for example activating the Rublon Authenticator mobile app or enrolling a FIDO2 security key. If users cannot self-enroll their device, an administrator can send them a link that leads to the enrollment page.
How does Rublon MFA ensure user privacy?
Rublon MFA ensures user privacy by protecting the organization’s data without compromising user privacy and productivity. It helps reduce GDPR risk by protecting applications that process personal data.
What kind of support is available for Rublon MFA implementation and troubleshooting?
The comprehensive integration documentation helps administrators enable Rublon MFA for any application. Rublon Help and FAQ pages contain solutions and answers to many issues and questions. Also, Rublon provides a very responsive Rublon Support team that can help a customer at any step during their implementation and maintenance.
Can Rublon MFA be customized to match my company’s branding?
Administrators can change the logo displayed on a Mobile Push authentication request and the Rublon Prompt. They can also customize the Rublon Prompt and emails from Rublon by changing the contents of the help messages. Lastly, the Rublon Admin API allows an organization to make calls to the Rublon API programmatically. This approach allows programmers to create a custom application that calls the Rublon API, effectively being a branded equivalent of the Rublon Admin Console.
Can I use Passkeys with Rublon MFA?
Yes, you can use FIDO2 passkeys during multi-factor authentication (MFA) logins with Rublon MFA. For more information, refer to Does Rublon MFA work with passkeys?.