You are using an ad blocker that is interfering with our web typography and internal javascript. Please allow our domain to live in a more beautiful world. No ads here, just really great software!

What Was Your Favorite Moment of Experience? Relive The Event Now On Demand! Watch Replays

Blog Post|7 minutes

300 Tickets & Counting: Clearing Up Confusion Over Multi-Factor Authentication

April 29, 2020

Most remote employees are probably familiar with a security practice known as multi-factor authentication (MFA), even if they cannot technically define it.

If you’ve ever tried to complete an online purchase and were met with a string of security questions or received a one-time password (OTP) on your mobile device—then you’ve participated in an MFA process.

In its simplest form, MFA is an additional security layer that forces end users to pass through at least two of three parameters: something you know (e.g. a password), something you have (e.g. an OTP token on a mobile device), and something you are (i.e. biometric data).

Much like disk encryption or antivirus software, MFA is but one more weapon used by IT Ops to safeguard against cyberattacks and data theft.

And yet, aside from its popularity and utility, many companies are realizing that deploying an MFA project can be incredibly confusing and disruptive for both employees and IT support.

Ready. Set. Wait!

Here’s what I mean:

This spring, one of our customers deployed an MFA solution for their remote work environment and immediately ran into trouble.

Looking to add a supplementary security layer to their VPN setup, IT Ops deployed a new MFA solution on their company’s first remote workday. The idea was that employees would log into their devices with their passwords (something they know), then to connect to the VPN, they’d answer a few challenge questions (something they know, x2) and receive an OTP token on their mobile device (something they have).

mfa process

But by noon that day, the IT help desk received over 300 calls from employees looking for assistance.

And we’ve seen similar situations occur with other enterprise technology teams.

So why does this sort of thing happen?

A few reasons:

  • Not all employees are comfortable or savvy enough to immediately complete an MFA request
  • Without advanced warning, employees can feel blindsided by the MFA process and will instinctively reach out for help or confirmation
  • Not all security factors have clear and concise language, and some can seem suspicious (imagine working from home for the first time and being asked to pass challenge questions when you are accustomed to SSO)
  • Some MFA solutions may prompt users to question why they can’t see which security questions they answer are correct or incorrect (there’s a good reason for this)
  • IT cannot proactively support employees during this process because they lack effective targeting and communication tools, and as a result, they often get slammed with tickets post-deployment.

How to bridge the gap

There’s one thing our customers have that helps them cut through the noise:


They have clarity on how their end users perceive their digital experience, and they can effectively guide these people during remote MFA deployments and do so at scale.

We are really excited about how quickly we were able to turn this (MFA deployment) around. From panic to calm in just a few hours!

Migration Support Team Supervisor

Leading Packaging Company

That same customer who received over 300 calls into their help desk, quickly pivoted and used Nexthink’s Engage module to turn their situation around.

Leveraging our patented technology, the IT Ops team was able to target those users that hadn’t passed their MFA clearance by providing clear, on-screen instructions to successfully guide them through their steps. Each region’s employees received the same instructions, under the same company logo, but written in their preferred work language—French, Spanish, or English. Engage offered the right mix of scalability and efficiency for the IT Ops team who could immediately track in real-time how well their message was being received.

After just two days, the company’s entire remote workforce passed their MFA clearance without having to open a single IT ticket. In the end, Nexthink saved the IT help desk from 50 hours of phone calls and troubleshooting.

Nexthink is helping several enterprise tech teams solve their most demanding remote work problems. We’re here to advance the Digital Employee Experience, whether people work from home or the office.