InsightIDR Now Supports Multi-Factor Auth and Data Archiving

Last updated at Mon, 28 Oct 2019 18:33:28 GMT

If you’re an InsightIDR customer, you know that credentials are a huge reason why attackers gain access to unauthorized data. We’re proud to announce that with the Insight Platform, we’re improving your authentication experience across all Rapid7 solutions, giving you tighter role-based access and yes—multi-factor authentication. Also, you now have the option to archive the data stored in InsightIDR in your own Amazon Web Services S3 bucket.

What is the Insight Platform?
We have a simple vision—give you answers to your IT & security questions, fast. Whether it’s detecting malicious behavior with InsightIDR, answering IT Operations questions easily with InsightOps, or finding and testing vulns with InsightVM and InsightAppSec, we want to slot into your workflows and slash out the tasks that clog up your days.

For example, setting up and maintaining data connectors across multiple tools is a big pain. With the Insight platform, you’ll have a single sign-on experience across our portfolio. Once you’ve connected data sources the first time, such as by deploying the Insight Agent, we’ll intelligently analyze that data under multiple lenses, whether it's for vulnerability management or for detection & response.

Sounds good. How does this affect my InsightIDR experience?
Existing InsightIDR customers are currently being migrated in groups onto the new platform identity management. You’ll be notified via the email associated with your login (e.g. eric_moon@rapid7.com), so please stay tuned for further instructions.

Multi Factor Authentication in InsightIDR
You can now mandate InsightIDR logins to require a second layer of authentication in the form of Google Authenticator, Okta Verify, SMS Text, or security question.

From the Settings tab, head to MFA Settings:

Choose the options you want to roll out for users, and set a session time limit—the length of time before it requests multi-factor for the next authentication. Once you apply these settings, all future users will be prompted to setup multi-factor during their next login, as shown below.

Archive InsightIDR Data in Your Own S3 Bucket
With your standard InsightIDR subscription, your data is stored and fully searchable for thirteen months. However, if you want to store an additional copy of your data in your own AWS Simple Storage Service (S3), that’s only a few clicks away.

Also in Settings, there is a new option, “S3 Archiving”:

Note that the archiving process occurs once a day, and only sends new data that comes in once the archiving is enabled. Based on your use case, from your S3 bucket, you can configure data to be sent to AWS Glacier storage for additional cost savings.

For further details, see the S3 Archiving docs page: https://insightidr.help.rapid7.com/v1.0/docs/s3-archiving

That’s it! If you’re having any challenges, please reach out to your Customer Success Manager or ping support@rapid7.com. We’re excited not only to offer you a robust authentication and data archiving experience, but to make it easier to switch between our solutions, try new security use cases, and provide you with answers—fast.

If you're interested in trying InsightIDR in your environment, try a free trial here.