MSP Chooses UserLock for Insurance-Approved, On-Premise Two-Factor Authentication (2FA)

MSP Chooses UserLock for Insurance-Approved, On-Premise Two-Factor Authentication (2FA)

  • Customer

    Shift Technologies

  • Industry

    IT services and solutions (MSP)

  • Geography

    United States

From installment to enrollment, getting UserLock up and running took just 4 hours. I was expecting a few days.

Ryan Olson Technology Specialist

  • Challenge: Shift Technologies was looking for a two-factor authentication (2FA) solution for more than one client. The solution had to be approved by the insurance company. They wanted the MFA solution to work without an internet connection, to handle all access attempts within the network, and to provide the ability to customize for individual user access.

  • Solution: Because the client needed a solution hosted on-premise and linked directly to Active Directory (AD), UserLock was a clear solution.

  • Result: UserLock was approved by the insurance company, and the team at Shift Technologies found that UserLock’s 2FA was easy to implement, lightweight for users, and secured access without impeding employee productivity.

Shift Technologies is a Minnesota-based MSP providing commercial IT technical support to small and large enterprises.

The Challenge Securing Insurance-Approved User Access With In-Network Management of MFA

One of Shift Technologies’ clients, a trucking and excavating company, wanted a 2FA multi-factor authentication solution to work directly with on-premise AD and worked without an internet connection. They also wanted to handle all access attempts across the network, both when employees are on-site and working remotely. And while they needed 2FA to be enabled on every PC, they needed to manage and customize MFA for individual user access needs. Finally, the solution would need to be approved by their insurance company.

The client had tested a few available options, but found the programs hard to manage. They also found that with cloud based systems, the default was to let users in if the internet connection was lost.

Ryan Olson, technology specialist at Shift Technologies, notes that while the Shift Technologies team had worked with other 2FA providers in the past, they didn’t have a tested solution that satisfied all of the client’s requirements.

The Solution Installation and Enrollment in Hours, Not Days

When Olson started looking into options for 2FA authentication linking with AD, he quickly found UserLock. He wanted an option that supported both YubiKey and phone authentication, and UserLock supports both. The internal team installed UserLock on their internal server to test the solution in-house.

Olson liked the easy-to-use interface and management capabilities, and moved to deploy it for the client. The client’s team found the process straightforward and easy to understand. Altogether, the entire process from installation to enrollment took about four hours.

The Benefits An Insurance-Approved MFA Solution That Balances Security and Productivity

The client’s insurance company approved UserLock as a solution that met their requirements. With multiple successful deployments now complete, Olson says UserLock is the option of choice for clients who need an on-premise multi-factor authentication solution.

The network install feature is the best that I’ve seen,” notes Olson. “You usually run into firewall issues on each PC but this seems to get around it. I’ve never had a problem installing remotely on people’s systems.

Ryan Olson
Technology Specialist

He likes that “UserLock is very lightweight — once it’s installed, you don’t know it’s there.” The product strikes a balance between security and employee productivity — offering an easy-to-use solution for both the IT administrator and the end user.

He also appreciates the granular access control, along with access to data like how many bad password attempts each user has.

As for the authentication method, Olson finds it helpful that clients can choose between different methods for the additional 2FA verification step.

While some clients prefer to authenticate using their phone, Olson notes that many opt for YubiKey. Since the end-user doesn’t have to take out a phone for each login, using a key further minimizes the hassle for employee access. And YubiKey makes it even easier to enroll users, since it doesn’t require the end user to download an app.


Get your 30-day free trial now and secure your Windows network with UserLock

Download Free Trial Discover UserLock

More Case studies?

Read more reviews from our UserLock customers.