November 14, 2014
There are several types of two-factor authentication solutions no matter what your organizations’ needs may be. While each of these solutions is slightly different, they all utilize one key factor: certificate-based network authentication. This is because it’s usually quick to implement, simple for the user, and is applicable to desktop computers, mobile devices, and cloud based services.
Digital certificates are used to identify users or devices that are authorized to access a server, website, or cloud. Combine this with the first step of authentication, requiring the user to log in, and your organization knows who accessed what information, when they accessed it, and exactly which device they accessed it from.
Here is a closer look at the different types of certificate-based two-factor authentication:
Server and Machine Certificates
The use of server and machine certificates controls which servers or other computers have access to your organization’s servers and computers. Just as you require your employees to log in using a password to gain access to company e-mail or secure company websites, this certificate-based authentication adds another layer security by ensuring only machines with the pre-approved authorizations can access corporate information.
Smart Cards and USB Tokens
This form of two-factor authentication stores a security certificate on a physical item such as a smart card or USB token. This adds an extra layer of security by ensuring only those entrusted with these physical items can access your organization’s secure network. The end user does not have to do anything except remember to bring their Smart card or insert the USB token. They are also easily transferred, making this a cost-effective, two-layer authentication solution.
Two-factor authentication on cloud services requires a digital certificate that controls what users can access information stored in the cloud. Many existing cloud services are already compatible with having two-factor authentication enabled on them, so implementation is relatively simple. For example, Google Apps, SalesForce, SharePoint, and Amazon Web Services are all cloud based software programs that are compatible with digital certificates for two-factor authentication.
VPNs, Gateways, and Wi-Fi Networks
The certificates needed to secure entire networks must be extremely robust, while also allowing access to those who may not physically be in the building where the servers are housed. It is important to ensure that all devices within an organization are secure, but there is also a concern for outside personnel who may need to access corporate resources while traveling, or for a client who may need limited access to corporate materials. A VPN or Gateway that is secured with a digital certificate identifies exactly who the individual is, and from what device they are accessing it.
If you are not sure which form of two-factor authentication is right for your organization, talk to a digital certificate provider about your specific needs. With typically very little set up, your business can employ two-factor authentication methods that keep your company and your customers’ personal information safe.
If you are looking for two-factor authentication for your website, visit http://www.globalsign.com for more information.
Article by Alexander G Brink. If you are looking for two-factor authentication for your website, visit http://www.globalsign.com for more information.