- 1. Implementing Two-Factor Authentication for Remote Access
using PhoneFactor A Proof-of-Concept Experiment for an Accountancy
Firm (AF) Michael G. Kaishar, MSIA | CISSP | Security+ Sr.
Information Security Architect & Consultant A Master of Science
Research Practicum Presentation Graduate School of Management
University of Dallas Partial Fulfillment of the Requirements for
the Master of Science Degree in Information Assurance Saturday,
March 27, 2010
2. INTRODUCTION
-
- An Experiment for an Accountancy Firm (AF)
-
- Implementing Two-Factor Authentication for Remote Access using
PhoneFactor
-
- Address issue of unauthorized access
Saturday, March 27, 2010Michael G. Kaishar2 Implementing
Two-Factor Authentication for Remote Access using PhoneFactor A
Proof-of-Concept Experiment for an Accountancy Firm (AF) 3.
MATERIALS
-
- Dell Laptop with sufficient resources
-
- Operating Systems (XP and W2K3 Server)
-
- VMware & 2X Remote Access Server
-
- PhoneFactor Two-Factor Authentication
Saturday, March 27, 2010Michael G. Kaishar3 Implementing
Two-Factor Authentication for Remote Access using PhoneFactor A
Proof-of-Concept Experiment for an Accountancy Firm (AF) 4.
ANALYSIS
- Built Test Environment using VMware
-
- Simulated AFs production infrastructure
Saturday, March 27, 2010Michael G. Kaishar4 Implementing
Two-Factor Authentication for Remote Access using PhoneFactor A
Proof-of-Concept Experiment for an Accountancy Firm (AF) Figure 1
.Illustration of remote connectivity processFigure 2 .VMWare
Inc.Illustration of where virtual machines reside in reference to
the Dell Laptop Hardware Layer 5. VIDEO DEMONSTRATION 1
- Current Procedures for Connectivity
Saturday, March 27, 2010Michael G. Kaishar5 Implementing
Two-Factor Authentication for Remote Access using PhoneFactor A
Proof-of-Concept Experiment for an Accountancy Firm (AF) 6. VIDEO
DEMONSTRATION 2
- Proposed Solution for Connectivity
-
- Two-Factor Authentication using PhoneFactor
Saturday, March 27, 2010Michael G. Kaishar6 Implementing
Two-Factor Authentication for Remote Access using PhoneFactor A
Proof-of-Concept Experiment for an Accountancy Firm (AF) 7. VIDEO
DEMONSTRATION 3
- Failed Attempt for Connectivity
Saturday, March 27, 2010Michael G. Kaishar7 Implementing
Two-Factor Authentication for Remote Access using PhoneFactor A
Proof-of-Concept Experiment for an Accountancy Firm (AF) 8.
RESULTS
- PhoneFactor worked as advertised
- Easy to install, configure, and manage
- Easy to integrate into existing system
- Required little to no downtime
- AF is very pleased with outcome
- Cost Effective (free for up to 25 users)
Saturday, March 27, 2010Michael G. Kaishar8 Implementing
Two-Factor Authentication for Remote Access using PhoneFactor A
Proof-of-Concept Experiment for an Accountancy Firm (AF) 9.
CONCLUSIONS
-
- Augment security strategy
-
- Separate systems for each function
-
- Balance between security and functionality
-
- Single client (lack of system load)
Saturday, March 27, 2010Michael G. Kaishar9 Implementing
Two-Factor Authentication for Remote Access using PhoneFactor A
Proof-of-Concept Experiment for an Accountancy Firm (AF) 10.
CONCLUSIONS
-
- Text-based authentication (SMS)
Saturday, March 27, 2010Michael G. Kaishar10 Implementing
Two-Factor Authentication for Remote Access using PhoneFactor A
Proof-of-Concept Experiment for an Accountancy Firm (AF) 11.
Questions? Saturday, March 27, 2010Michael G. Kaishar11
Implementing Two-Factor Authentication for Remote Access using
PhoneFactor A Proof-of-Concept Experiment for an Accountancy Firm
(AF) 12. Thank You Saturday, March 27, 2010Michael G. Kaishar12
Implementing Two-Factor Authentication for Remote Access using
PhoneFactor A Proof-of-Concept Experiment for an Accountancy Firm
(AF)