Multi-factor Authentication (MFA) for Marketo

Highlighted
Anonymous
Not applicable

Multi-factor Authentication (MFA) for Marketo

Does Marketo offer MFA for added security?

2 REPLIES 2
Highlighted
Level 10 - Community Moderator

Re: Multi-factor Authentication (MFA) for Marketo

I don't think directly, but if you use MFA-enabled SSO that would work.

Highlighted
Level 10 - Champion Alumni

Re: Multi-factor Authentication (MFA) for Marketo

There are several ways to harden your instance:

  • Marketo does use 2 factor login authentication by default.
  • Increase to High Password security [everyone will have to re-set passwords, including API Users if you had one with a login like Kapost]
  • Separate Marketo User login for SFDC (don't use a person's login).
  • Refine Roles and Permissions ( I have 20+ now)
  • Use Workspaces/Partitions to minimize access to sensitive information like Customers by Region or Country.
  • SSO - just installed this and it works very well, very easy to setup.
    • One caveat is that some integrations will have to bypass it and you will likely want to let admins bypass (default) which can create some holes.
    • Another that isn't clean in the docs: You must setup a new user + Role manually with the same email address they have in SSO service. Then they can use the SSO to login directly.
    • Sandbox users will have to have a separate login still with a different SSO Setup.
  • IP Authentication - VPN Only - this will drive everyone nuts because it will mean you can only login from your onsite locations or force remote employees to VPN in.
  • Pay for Encrypted Instance on a secure pod. Little known fact: your DB is NOT encrypted!! Only the connections are.
    • You must ask your Account Manager for details and it's not cheap. It will take at least a weekend to transfer over. I would personally recommend this if you can afford it to minimize risk further.
    • Don't do something stupid like sync SSN and PCI data - Marketo is not the place for that data.