This content has been marked as final. Show 2 replies
I don't think directly, but if you use MFA-enabled SSO that would work.
2 of 2 people found this helpful
There are several ways to harden your instance:
- Marketo does use 2 factor login authentication by default.
- Increase to High Password security [everyone will have to re-set passwords, including API Users if you had one with a login like Kapost]
- Separate Marketo User login for SFDC (don't use a person's login).
- Refine Roles and Permissions ( I have 20+ now)
- Use Workspaces/Partitions to minimize access to sensitive information like Customers by Region or Country.
- SSO - just installed this and it works very well, very easy to setup.
- One caveat is that some integrations will have to bypass it and you will likely want to let admins bypass (default) which can create some holes.
- Another that isn't clean in the docs: You must setup a new user + Role manually with the same email address they have in SSO service. Then they can use the SSO to login directly.
- Sandbox users will have to have a separate login still with a different SSO Setup.
- IP Authentication - VPN Only - this will drive everyone nuts because it will mean you can only login from your onsite locations or force remote employees to VPN in.
- Pay for Encrypted Instance on a secure pod. Little known fact: your DB is NOT encrypted!! Only the connections are.
- You must ask your Account Manager for details and it's not cheap. It will take at least a weekend to transfer over. I would personally recommend this if you can afford it to minimize risk further.
- Don't do something stupid like sync SSN and PCI data - Marketo is not the place for that data.