Comply with ENISA best practices
UserLock helps you comply with ENISA best practices, which include the use of access controls and multi-factor authentication (MFA).
Following the emergence of information technology and the growing awareness of its potential risks, the European Cybersecurity Agency (ENISA) was set up in 2004. Its aim is to guarantee a common high level of cybersecurity throughout Europe, in cooperation with the member states and the various bodies of the European Union.
With the increase in cyberrisks and the associated consequences, ENISA and CERT-EU are urging organizations to follow a list of recommendations to increase their level of security, in addition to national regulations specific to each country.
Here's how UserLock supports ENISA best practices.
ENISA stresses the importance of implementing a second authentication factor (2FA) to protect your accounts. Implementing 2FA blocks 99.9% of automated attacks, reducing risks.
UserLock helps you protect access to your Active Directory accounts, both on-premise and in the cloud, by applying Active Directory MFA to all Active Directory user credentials. Once the UserLock solution has been installed, users will be prompted to use an additional authentication application or programmable software token to log in.
The rise of telecommuting and the massive use of remote services are making it more complex to apply security and system access policies. That's why ENISA and CERT-EU are encouraging organizations to add a layer of security to all online services, from VPN connections to extranets and online e-mail services such as Exchange Online.
UserLock allows admins to secure remote access, even when remote users do not have access to the corporate VPN. Whether it's a VPN connection, a virtual desktop, an IIS session or an RDP connection, MFA can be activated for all these connections.
In their joint publication, ENISA and CERT-EU also recommend the use of segmentation and restrictions to limit network access. According to them, these restrictions can take various forms (device, environment, etc.). Setting up these rules adds an extra level of control.
UserLock can help you prevent unauthorized access by setting up contextual restrictions:
Origin: restrict connections by country, workstation, device or IP address
Time: apply session time quotas or opening hours
Session type: manage interactive sessions, WI-FI and VPN sessions, and IIS sessions
Simultaneous sessions: prevent your users from logging on to multiple devices at the same time
UserLock also lets you assign these restrictions to users or groups of users, making it easier to manage your organization.
ENISA's recommendations provide a framework to help organizations achieve a robust security infrastructure. As we saw above, implementing MFA for Active Directory account logins and MFA for remote logins adds an important extra layer of security. Find out how UserLock's MFA can help you secure access to your networks while complying with ENISA recommendations.