This is a guest blog post by Horacio Zambrano, CMO, TruU Inc.

Given that all organizations have had to adapt to COVID-19 and the need for remote work, we know they’re facing an increasing volume of cyberattacks. There has been tremendous growth in phishing attacks, as well as malicious websites and malware since the beginning of 2020.

User Experience Is Key to Making Passwordless MFA Acceptable

Given the focus on the employee and the privileged user in the enterprise, it’s clear that removing the leading target for hackers from the equation makes a lot of sense. We won’t harp on the common refrain of passwords being around since the 1960s, password complexity being a source of frustration and vulnerability for end users, and the fact that compromised credentials drive over 80 percent of data breaches. We will point out that one reason passwordless authentication has not taken hold is because of the massive trade-off in user experience such solutions have generally entailed.

To be clear, most passwordless multi-factor authentication (MFA) solutions center on a mobile push to a biometric authentication event. While this is more secure than depending on something you know, we have found it creates user fatigue when it becomes the new normal mode of operation. We see this with basic MFA, as well, and when extended to entire workforces (as it has in many cases),  we hear of users complain of “MFA fatigue.”  The requirement of accepting mobile notifications for every application access or workstation unlock becomes tedious rather quickly. And unfortunately, for traditional MFA, a password is still being used, so organizations are no better off from a security perspective while end users are forced to take a hit on productivity and user experience.

Proximity Is the Answer that Will Usher in Widespread Acceptability

At TruU, we’ve worked with Citrix to ensure that user access is as seamless and frictionless as possible to enable virtual apps and desktops. TruU Identity Platform is Citrix Ready validated on Citrix Gateway and Citrix Virtual Apps and Desktops.

Citrix Virtual Apps and Desktops infrastructure represents an essential strategy for delivering services and resources to employees, partners, and contractors while minimizing the attack surface area of the new riskier reality. Tying in passwordless authentication to Citrix environments creates a best-of-both-worlds scenario where credential risk is eliminated by TruU and malware download risk is eliminated with Citrix solutions.

We have found organizations want to deploy passwordless solutions down to an employee’s workstation, be it a Windows machine or Mac. Unfortunately, hardware-bound biometrics such as Windows Hello for Business requires the user to still remember a network password from time to time and allow for less flexibility with access from unmanaged endpoints. The optimal experience is achieved when users can seamlessly login to their endpoint and fire up a Citrix Virtual App or Virtual Desktop session without the need for authentication credentials end to end.

This is what we’ve achieved in our Citrix integration. Through the use of Citrix Federated Authentication Service, we can pass authentication credentials from an endpoint seamlessly to the Citrix virtual session, regardless of whether a user is on premises or remote. In addition, proximity detection and signaling, which require machine learning to optimize, enables us to eliminate the need for a repeated biometric assertion to achieve the “passwordless” objective. When an endpoint proximity login is paired with passwordless Citrix access, end users and their IT organizations truly get the best of both worlds with the most frictionless access experience and the safest modality available to have eliminated a password from the picture.

TruU and Citrix recently highlighted their partnership and integrations in a Citrix Ready joint webinar, Empower Frictionless, Secure Access with Citrix and TruU, which you can watch in full below. We invite you to check out the webinar and demos provided on-demand to see the power of best-in-class virtual apps and desktops infrastructure and passwordless MFA at work together.