Multi-Factor Authentication (MFA) is becoming a standard everywhere: Mobile devices, email providers, social media accounts... When connecting to a website, you get a notification on the registered devices of your choice or type in a code to verify the access.
SAP Cloud for Customer includes a native support for Single Sign-On. So, it is relatively easy to set up a Multi-Factor Authentication solution as well. In this blog post, learn why MFA offers multiple advantages that increase the security of your platform, without losing any convenience or ease of use.
1. Password juggling is a thing of the past
Using SAML certificates, users don't need to remember the passwords for each site and lose or forget about them. However, security is still ensured by authenticating them by devices and IP addresses, for example.
2. Add multiple layers of security
With multi-factor authentication on SAP C4C, you ensure that even if a password to your identify provider is stolen, your data isn't compromised. It is also easier to prevent a departing employee from accessing company systems that use shared passwords, and track an unexpected access.
3. Easy setup
For SAP C4C, the configuration is quick and just consists of your tenant ID and a username for each user. Create teams, assign security policies, and get rid of cumbersome configuration for each new employees.
4. Centralize your access management
With a single dashboard for the access to all your cloud platforms, have a clear view of each user activities. Adding access to other services is also simple: When implementing an identity provider for SAP C4C, leverage this solution with other services and tools you use. Supported services include Salesforce, Zendesk, or Office 365... This lowers the overall TCO on an essential security feature.
5. Choose from many token providers
There are many multi-factor token providers. If you already use Two-Factor Authentication (with just one code or authenticator) on another platform, it is possible to use the same authenticator with SAP C4C. You can easily choose between a code that is sent to a smartphone, or a notification that just asks for a confirmation on your mobile phone. Supported vendors include Duo Security, Google Authenticator, RSA SecurID one-time passwords, Safenet, Vasco Digipasses ... or even a desktop apps