Two-Factor Authentication tips

Many of us often think about the security of a single key on a door that leads to one of our more critical assets.  The mental question that pops up is “What if that person loses their key and is too embarrassed to report it?”.  This is a common question that those responsible for security typically ask themselves and then the day gets busy, no losses are incurred, and the question fades away.  Fixing a single factor authentication problem is not difficult.  It doesn’t take an Iris Reader or $50,000 deployment per door to obtain a two or three factor authentication.  The simple thought is more what the second type of authentication needed is. First you should break the definition of authentication down into the basics: What you have, what you know, and who you are.  Obtaining a two factor authentication could be as basic as adding a keypad that requires a numeric pin to a keyed lock door and you have two factor authentication.  You can also obtain two factor authentication by putting a biometric and a proximity card on a door.  The Second question now comes into play….”How far do I need to take it?”.  Ask yourself who you are protecting this asset against.  Who is your threat?  The answer to this question will determine the level of two or three factor authentication will be needed to protect that particular asset and whether or not biometrics will need to be used.