2 Factor Authentication
User identification has become one of the hottest topics over the last 5 years, with many IT managers wishing to extend their computer services more globally, but being all too aware that if an unauthorised person were to gain access the results could be damaging to their operation. If rogue access to one system were not bad enough, the advent of Single Sign-On has made the issue a whole lot worse.
Every user is familiar with the concept of passwords, using them on a daily basis to authenticate to local and on-line applications. However, passwords were originally intended for internal use, not for external applications and mobile working. They are easily stolen using key loggers or just by looking over someone’s shoulder. In addition, the cost of supporting forgotten passwords, particularly out of hours, has become very painful. Token and SMS based solutions provide a secure, easy and cost effective alternative to passwords.
Direct replacements for passwords that rely on a ‘second factor’, are widely available, from biometrics - using finger prints, to ‘one-time-passcode’ tokens and SMS codes. Each has its benefits and potential downsides depending on exactly what needs to be achieved. Data Connect are experts across this area, and can advise appropriately.
Aside from the technology, the policies and procedures surrounding user identification are of paramount importance. It is not good enough to deploy a second factor without thinking through what will happen if, for example, a token is lost. Can the Managing Director call the helpdesk and demand he is allowed into the network even though he can not authenticate?
Much thought has gone into the use of strong authentication, and some very clever solutions have been found to make its use not only easier than passwords, but also cheaper. Some providers now wrap all the policies and procedures up in Web portal as part of a managed hosted service supported by a guaranteed ‘Service Level Agreement’.
 |
 |