Tuesday, July 29, 2008

Planning around tokens: When your token fails


My organization uses Secure Computing's Safeword tokens. They're handy, and they offer a real increase in security over simple password authentication. The problem with a token is that you can lose it or damage it. In my case, the LCD on the token that I use has a partially non-working character. I can work around it, but it made me appreciate the fragility of a token-based system for secure remote access if the token fails.

How can you work around this? There are a few options:

  1. If you have an operations or helpdesk organization, you can give them an emergency token and provide the second half of the credential (the PIN or fixed-password portion) to your team. Build appropriate controls in so that each use is limited and recorded, and have the helpdesk verify who is calling before they act. Then, in the event of a token failure, you simply call your on-site team to push the button and read the numbers to you over the phone. Because the code is read aloud, the controls matter: a one-time code that has already been accepted should not work a second time, and the emergency token should be reissued once its use budget is spent.
  2. Provide a way to bypass two-factor authentication, either through a tightly controlled VPN or other system, or through console access. You'll need to ensure that the bypass is used only when absolutely necessary; it creates more exposure and more maintenance, and the bypass path is only as strong as the controls and monitoring around it.
  3. Ensure that you have enough staff to handle a single failed token by re-assigning tasks. In larger organizations this is often workable; in a smaller organization it can be a more difficult task.
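
The following is an added example of the controls that option 1 calls for; it is not code from the original post and not Secure Computing's or SafeWord's implementation. It models the helpdesk's emergency token as an event-based HOTP counter (RFC 4226), which is an assumption made for illustration, not a statement about how SafeWord tokens generate codes. The seed is the RFC 4226 test seed and the team secret, requester and operator names are constructed. The verifier requires both halves (the code read over the phone and the team-held second half), refuses a replayed code by moving the counter forward, tolerates a few extra button presses with a small look-ahead window, caps the number of uses before the token must be reissued, and records every attempt in an audit trail.

```python
import hashlib
import hmac
import struct
import time

# Constructed values for the example (not real credentials).
EMERGENCY_TOKEN_SEED = b"12345678901234567890"  # RFC 4226 test seed
TEAM_SECRET = "correct-horse"                    # the "second half" held by the admin team
MAX_USES = 3                                     # reissue the emergency token after this many uses


def hotp(seed: bytes, counter: int, digits: int = 6) -> str:
    """HOTP per RFC 4226: HMAC-SHA1 over an 8-byte big-endian counter, dynamically truncated."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = ((mac[offset] & 0x7F) << 24
            | mac[offset + 1] << 16
            | mac[offset + 2] << 8
            | mac[offset + 3])
    return str(code % 10 ** digits).zfill(digits)


class EmergencyAccess:
    """Break-glass verifier: helpdesk-held token + team-held second half, limited and audited."""

    def __init__(self, seed: bytes, team_secret: str, max_uses: int, look_ahead: int = 5):
        self.seed = seed
        # Store only a digest of the second half so the verifier never holds it in the clear.
        self.team_secret_digest = hashlib.sha256(team_secret.encode()).digest()
        self.max_uses = max_uses
        self.look_ahead = look_ahead      # extra button presses tolerated before resync fails
        self.counter = 0                  # next event counter expected from the helpdesk token
        self.uses = 0
        self.audit = []                   # one record per attempt, granted or not

    def verify(self, requester: str, operator: str, otp: str, second_half: str):
        granted, reason = self._check(otp, second_half)
        self.audit.append({
            "time": time.time(),
            "requester": requester,       # who phoned in
            "operator": operator,         # who pressed the button and read the code
            "granted": granted,
            "reason": reason,
        })
        return granted, reason

    def _check(self, otp: str, second_half: str):
        if self.uses >= self.max_uses:
            return False, "use budget exhausted; reissue the emergency token"
        offered = hashlib.sha256(second_half.encode()).digest()
        if not hmac.compare_digest(offered, self.team_secret_digest):
            return False, "second half rejected"
        # Accept the next expected code or a few ahead of it (operator pressed the button
        # more than once); never accept a code at or below the last accepted counter, which
        # is what stops a code overheard on the phone from being replayed.
        for c in range(self.counter, self.counter + self.look_ahead):
            if hmac.compare_digest(hotp(self.seed, c), otp):
                self.counter = c + 1
                self.uses += 1
                return True, "granted"
        return False, "otp rejected (stale, replayed, or outside the look-ahead window)"


if __name__ == "__main__":
    ea = EmergencyAccess(EMERGENCY_TOKEN_SEED, TEAM_SECRET, MAX_USES)
    # Helpdesk presses the button once and reads counter 0's code to the caller.
    print(ea.verify("alice", "bob", hotp(EMERGENCY_TOKEN_SEED, 0), TEAM_SECRET))
    # Someone who overheard that code tries it again: refused.
    print(ea.verify("mallory", "bob", hotp(EMERGENCY_TOKEN_SEED, 0), TEAM_SECRET))
    for rec in ea.audit:
        print(rec)
```

The point of the audit list is that every call to the helpdesk leaves a record naming both the requester and the operator, which is what makes the procedure reviewable afterwards; in a real deployment that record would go to a log that the on-call team cannot edit.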

Token-based two-factor authentication is an attractive solution, but as with any technology, you must plan for failure while designing for success.

1 comment:

Troy said...

Or create a backup option using SMS-based authentication. Our patented TEXT-pass solution integrates directly into SAFEWORD and provides the security of two-factor authentication on a zero-footprint device.