How MFA integrates with Parallels RAS to enable secure virtual healthcare solutions

Multi-factor authentication (MFA) integration in Parallels RAS offers more secure access to virtual apps and data.

Companies face many challenges when it comes to digital security. Protecting company data and assets from unauthorized access is critical in today’s evolving digital world. This is especially true for healthcare.

In this blog, we will explore MFA for VDI and delve into how Multi-Factor Authentication (MFA) security works, review the MFA providers supported in Parallels® RAS, and learn how filtering rules can provide contextual access. We’ll then look at how Parallels RAS leverages its MFA features in healthcare scenarios to enhance security for users accessing virtual apps and desktops.

What is MFA?

Multifactor authentication is a security mechanism that requires users to provide two or more forms of identification to access a system. In order to gain access, users have a password (something the user knows). With MFA, another authentication method is incorporated, for instance the use of a smartphone code or security token (something the user obtains).

When multi-factor authentication is used, users will have to authenticate through two successive stages prior to gaining access to resources. While the first level will typically use native authentication (Active Directory / LDAP), the second level often uses a one-time password generated by a token. The one-time password may be generated from an app, dedicated key fob, or sent via text or email.

TOTP stands for Time-based one-time password, which is the generation of a temporary, one-time code or password that is valid only for a short period of time.

MFA providers

Parallels RAS provides secure remote access to virtual apps and desktops with simplified management, enabling IT departments to easily provide users with access to their desktops and apps from any location or device.  Among other security features, the latest version of Parallels RAS offers the integration with MFA via the different providers listed below:

Since the release of Parallels RAS version 19.2, Microsoft Authenticator is supported as a TOTP provider. Microsoft Authenticator is widely used by organizations to secure their accounts and protect against unauthorized access.

In the image below, we can see how to integrate MFA providers from the Parallels RAS Console.

Authentication methods for desktop clients in Parallels RASMicrosoft Authenticator MFA Provider with Parallels RAS

Filtering rules for contextual access

To address a variety of requirements, Parallels RAS supports multiple MFA providers in a site and can use filtering rules, giving administrators control to decide who, where, and when MFA will be required and by which provider.

Contextual and customized access can be based on different criteria, including user or group, gateway, client device name, client device operating system, IP Address, or Hardware ID. For instance, IT administrators may wish to implement MFA when users work remotely and not require it when they are on site.

The picture below shows the configuration of the filtering rules and different criteria of the filters for contextual access.

Parallels RAS filtering rules can be applied to MFA

There are several advantages to implementing MFA for virtual apps and desktops. First and foremost, MFA can help protect data by including a second factor to ensure that the person requesting access actually is the appropriate authorized user. Furthermore, MFA provides an added layer of security for remote access, which allows more flexibility for organizations to provide access to work resources from various locations, enabling hybrid work and reducing the risk of data breach.

Healthcare Scenarios

Let’s talk about scenarios for healthcare organizations.

Healthcare personnel need to have access to Electronic Health Records (EHR) systems on a daily basis, as well as other applications. Regardless of whether the records are accessed from a hospital or from a remote location, patient data is extremely sensitive and must be protected to maintain confidentiality.

Implementing Parallels RAS with MFA for virtual desktop infrastructure (VDI) environments lets healthcare personnel securely access their virtual apps and desktops.

MFA can help healthcare providers meet regulatory requirements. For instance, HIPAA requires that healthcare providers implement appropriate security measures to protect patient data.

Parallels RAS can be deployed on-premises, support different hypervisors, and integrate public cloud providers, including Microsoft Azure and Amazon Web Services. As to hosting the user workloads, these can be deployed on-premises as well as on Azure Virtual Desktop, Azure VM’s, and Amazon Web Services, thus enabling a true hybrid cloud strategy and flexibility.


In conclusion, data security is a critical concern for many types of industries, including healthcare.  MFA increases security, making it more difficult for unauthorized users to gain access to sensitive information. Parallels RAS supports several MFA providers and has recently added Microsoft Authenticator to further ensure secure remote access.

Discover how Parallels RAS supports MFA providers and enhances security for healthcare organizations. Access your free trial!