Hey everyone,
I hope this is the right place to ask about multi-factor authentication (MFA) setups for production employees in the manufacturing industry. Currently, we have MFA enabled for our office staff, but we haven't implemented it for production workers since they aren't allowed to have phones on-site. We need to enable MFA across all accounts to qualify for cyber insurance.
I'm considering options like certificate-based authentication (which could get pricey if we go with Supply Chain Management) or looking into conditional access.
If anyone here works in a similar environment or has faced this challenge, I'd love to hear your thoughts on the best approach. Thanks!
2 Answers
You might want to consider using YubiKeys. They’re supported by most major sites and integrate nicely with Active Directory as Smart Cards. It could really streamline things.
I work in IT within the manufacturing sector, and we recently had to phase out phones on-site as well. We did a mass rollout of YubiKeys, and it went pretty well! Just keep in mind that some users might need their keys reset often, but overall, it's a solid solution for a large scale rollout.
Thanks! Which YubiKey provider did you use? I’ve mostly heard about Yubico. Did you have to buy any extra software to manage them?