Good MFA solution for SMB
Use Cases and Deployment Scope
We use UserLock to implement MFA by default for all administrator accounts, remote webmail access and sporadic Windows access such as remote desktop and off network laptop useage. It's also really useful to run logon reports and to discover access times for PCs by users.
Pros
- Easy to setup and install for the most part
- Easy to onboard users
- Logging and reporting of user's access to devices really good
Cons
- Implementing the agent in IIS scenarios could be easier and more guided
- IIS upgrade agent upgrade process could be improved upon
- An overall summary of applied permssions for a particular user would be useful
Most Important Features
- MFA
- Reporting
- Support
Return on Investment
- Sometimes does not unlock task manager access when it pops up with MFA prompt, can be a pain to have to undo
- It's great value for money compared to more high end products
- Generally reliable and has improved security hardening
Other Software Used
ManageEngine Endpoint Central, Bitdefender GravityZone, BricsCAD
