Read this article by Johannes Ullrich. My response is that although Ullrich writes about Google’s choice to use two factor using SMS or Smart phone applications, this can also be done using remote access SSL VPNs, as well triggering a smart phone using SMS. This is very inexpensive as well.
Applications of Ullrich’s article:Applications of Ullrich’s article:
1) If you want a cool security idea
2) Inexpensive way to add two Factor to Cloud Access Authentication
3) Add two Factor Authentication and use your own AD active directory to be authoritative for access control
Share your thoughts right here on the CIO/ES blog!