The complexity and frequency of cyber threats today call for companies to consider a new breed of strong authentication - one that strives to validate the user and not just the device. One-time-passwords (OTP) delivered through unique (individually assigned) tokens have been around for a while. Fran argues correctly that infrastructure costs limited the wide spread use of such token based OTP. The infrastructure costs may have been addressed with a Cloud based offering of OTP, but what about the usability of such token based OTP? People lose or forget physical devices. People damage physical devices. I speak from personal experience having learned from my own internal customer base.
Why not rely of technology that requires no tokens what so ever? No Plastic tokens, USB drives, SMS-enabled devices or software running on mobile devices. A strong authentication solution that is more than two-factor and delivers true multifactor authentication with zero distribution and end user management costs is what enterprises should look for when having to scale solutions globally and across a large user base.
Bharat Nair is Vice President of Business Development at Delfigo Security, www.delfigosecurity.com, Boston, MA. He can be reached at This e-mail address is being protected from spambots. You need JavaScript enabled to view it or by phone at 1.617.248.6501. You can now follow Delfigo Security news and articles on twitter (@delfigo).