Implementing Two-Factor Authentication for Remote Access using PhoneFactor A Proof-of-Concept Experiment for an Accountanc...
INTRODUCTION <ul><li>Michael G. Kaishar </li></ul><ul><li>Practicum Study </li></ul><ul><ul><li>An Experiment for an Accou...
MATERIALS <ul><li>Hardware </li></ul><ul><ul><li>Dell Laptop with sufficient resources </li></ul></ul><ul><ul><li>Cell Pho...
ANALYSIS <ul><li>Built Test Environment using VMware </li></ul><ul><ul><li>Simulated AF’s production infrastructure </li><...
VIDEO DEMONSTRATION 1 <ul><li>Current Procedures for Connectivity </li></ul><ul><ul><li>Username </li></ul></ul><ul><ul><l...
VIDEO DEMONSTRATION 2 <ul><li>Proposed Solution for Connectivity </li></ul><ul><ul><li>Username </li></ul></ul><ul><ul><li...
VIDEO DEMONSTRATION 3 <ul><li>Failed Attempt for Connectivity </li></ul><ul><ul><li>Username  </li></ul></ul><ul><ul><li>...
RESULTS <ul><li>PhoneFactor worked as advertised </li></ul><ul><li>Easy to install, configure, and manage </li></ul><ul><l...
CONCLUSIONS <ul><li>Recommendations </li></ul><ul><ul><li>Augment security strategy </li></ul></ul><ul><ul><li>Separate sy...
CONCLUSIONS <ul><li>Future Work </li></ul><ul><ul><li>Voice recognition </li></ul></ul><ul><ul><li>Text-based authenticati...
Questions? Saturday, March 27, 2010  Michael G. Kaishar  11 Implementing Two-Factor Authentication for Remote Access using...
Thank You Saturday, March 27, 2010  Michael G. Kaishar  12 Implementing Two-Factor Authentication for Remote Access using ...
Upcoming SlideShare
Loading in …5
×

Implementing two factor authentication for remote access using phone factor

942 views
876 views

Published on

Small and medium sized businesses cannot afford the luxury of purchasing expensive token-based two-factor authentication products, so they rely mostly on user names and passwords as methods for remote access security. The reliance on user names and passwords as methods of security is a weak strategy; therefore small and medium-sized businesses need to add an extra layer of security in order to strengthen their security stance.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
942
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
11
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Implementing two factor authentication for remote access using phone factor

  1. 1. Implementing Two-Factor Authentication for Remote Access using PhoneFactor A Proof-of-Concept Experiment for an Accountancy Firm (AF) Michael G. Kaishar, MSIA | CISSP | Security+ Sr. Information Security Architect & Consultant   A Master of Science Research Practicum Presentation Graduate School of Management University of Dallas Partial Fulfillment of the Requirements for the Master of Science Degree in Information Assurance   Saturday, March 27, 2010
  2. 2. INTRODUCTION <ul><li>Michael G. Kaishar </li></ul><ul><li>Practicum Study </li></ul><ul><ul><li>An Experiment for an Accountancy Firm (AF) </li></ul></ul><ul><ul><li>Implementing Two-Factor Authentication for Remote Access using PhoneFactor </li></ul></ul><ul><li>Significance </li></ul><ul><ul><li>Feasible </li></ul></ul><ul><ul><li>Address issue of unauthorized access </li></ul></ul>Saturday, March 27, 2010 Michael G. Kaishar 2 Implementing Two-Factor Authentication for Remote Access using PhoneFactor A Proof-of-Concept Experiment for an Accountancy Firm (AF)
  3. 3. MATERIALS <ul><li>Hardware </li></ul><ul><ul><li>Dell Laptop with sufficient resources </li></ul></ul><ul><ul><li>Cell Phone </li></ul></ul><ul><li>Software & Service </li></ul><ul><ul><li>Operating Systems (XP and W2K3 Server) </li></ul></ul><ul><ul><li>VMware & 2X Remote Access Server </li></ul></ul><ul><ul><li>PhoneFactor Two-Factor Authentication </li></ul></ul><ul><ul><li>Internet Connectivity </li></ul></ul>Saturday, March 27, 2010 Michael G. Kaishar 3 Implementing Two-Factor Authentication for Remote Access using PhoneFactor A Proof-of-Concept Experiment for an Accountancy Firm (AF)
  4. 4. ANALYSIS <ul><li>Built Test Environment using VMware </li></ul><ul><ul><li>Simulated AF’s production infrastructure </li></ul></ul><ul><ul><ul><li>Without PhoneFactor </li></ul></ul></ul><ul><ul><ul><li>With PhoneFactor </li></ul></ul></ul>Saturday, March 27, 2010 Michael G. Kaishar 4 Implementing Two-Factor Authentication for Remote Access using PhoneFactor A Proof-of-Concept Experiment for an Accountancy Firm (AF) Figure 1 . Illustration of remote connectivity process Figure 2 . VMWare Inc. Illustration of where virtual machines reside in reference to the Dell Laptop Hardware Layer
  5. 5. VIDEO DEMONSTRATION 1 <ul><li>Current Procedures for Connectivity </li></ul><ul><ul><li>Username </li></ul></ul><ul><ul><li>Password </li></ul></ul>Saturday, March 27, 2010 Michael G. Kaishar 5 Implementing Two-Factor Authentication for Remote Access using PhoneFactor A Proof-of-Concept Experiment for an Accountancy Firm (AF)
  6. 6. VIDEO DEMONSTRATION 2 <ul><li>Proposed Solution for Connectivity </li></ul><ul><ul><li>Username </li></ul></ul><ul><ul><li>Password </li></ul></ul><ul><ul><li>Two-Factor Authentication using PhoneFactor </li></ul></ul>Saturday, March 27, 2010 Michael G. Kaishar 6 Implementing Two-Factor Authentication for Remote Access using PhoneFactor A Proof-of-Concept Experiment for an Accountancy Firm (AF)
  7. 7. VIDEO DEMONSTRATION 3 <ul><li>Failed Attempt for Connectivity </li></ul><ul><ul><li>Username  </li></ul></ul><ul><ul><li>Password  </li></ul></ul><ul><ul><li>PhoneFactor  </li></ul></ul>Saturday, March 27, 2010 Michael G. Kaishar 7 Implementing Two-Factor Authentication for Remote Access using PhoneFactor A Proof-of-Concept Experiment for an Accountancy Firm (AF)
  8. 8. RESULTS <ul><li>PhoneFactor worked as advertised </li></ul><ul><li>Easy to install, configure, and manage </li></ul><ul><li>Easy to integrate into existing system </li></ul><ul><li>Required little to no downtime </li></ul><ul><li>AF is very pleased with outcome </li></ul><ul><li>Cost Effective (free for up to 25 users) </li></ul>Saturday, March 27, 2010 Michael G. Kaishar 8 Implementing Two-Factor Authentication for Remote Access using PhoneFactor A Proof-of-Concept Experiment for an Accountancy Firm (AF)
  9. 9. CONCLUSIONS <ul><li>Recommendations </li></ul><ul><ul><li>Augment security strategy </li></ul></ul><ul><ul><li>Separate systems for each function </li></ul></ul><ul><ul><li>Balance between security and functionality </li></ul></ul><ul><li>Limitations </li></ul><ul><ul><li>Isolated (Sand-boxed) </li></ul></ul><ul><ul><li>Virtualized Environment </li></ul></ul><ul><ul><li>Single client (lack of system load) </li></ul></ul>Saturday, March 27, 2010 Michael G. Kaishar 9 Implementing Two-Factor Authentication for Remote Access using PhoneFactor A Proof-of-Concept Experiment for an Accountancy Firm (AF)
  10. 10. CONCLUSIONS <ul><li>Future Work </li></ul><ul><ul><li>Voice recognition </li></ul></ul><ul><ul><li>Text-based authentication (SMS) </li></ul></ul>Saturday, March 27, 2010 Michael G. Kaishar 10 Implementing Two-Factor Authentication for Remote Access using PhoneFactor A Proof-of-Concept Experiment for an Accountancy Firm (AF)
  11. 11. Questions? Saturday, March 27, 2010 Michael G. Kaishar 11 Implementing Two-Factor Authentication for Remote Access using PhoneFactor A Proof-of-Concept Experiment for an Accountancy Firm (AF)
  12. 12. Thank You Saturday, March 27, 2010 Michael G. Kaishar 12 Implementing Two-Factor Authentication for Remote Access using PhoneFactor A Proof-of-Concept Experiment for an Accountancy Firm (AF)

×