2FA Missing on Quarantine Website

We currently use SEA on-premise and restrict the quarantine site to local IPs. I tested the cloud version, but it does not have 2FA on the quarantine site. SSO does not count as 2FA. Both our government regulatory and cyber insurance company have said we cannot use the cloud version since 2FA is not implemented on the quarantine site. Does Sophos plan to put 2FA on the quarantine site? From a security perspective, I am surprised this is not in place. Also restricting login by IP would be great too.

Thank you,

John



Edited tags
[edited by: Raphael Alganes at 2:25 AM (GMT -7) on 6 Jun 2023]
Parents Reply
  • Hi Tom,

    Thank you for your help and comments! SSO helps simplify the sign-in process where as 2FA is a security process. So SSO isn't a replacement for 2FA. I definitely understand your constraints, and I am sure you appreciate mine. I would prefer that we stay with Sophos for email filtering. I was hoping we could use our XG's email capability, but it is not as advanced as the SEA or EM. I would appreciate any recommendations for a replacement.

    John

Children