With increased focus on productivity, remote access for the workforce is a must. Network administrators are required to open more doors to more users, and an identity method that scales well and is cost effective is necessary. The more you know where your network is heading, the better you can plan your identification strategy.
Given the expense required to create an infrastructure for biometrics, a good compromise is two-factor identification: a combination of digital signatures and passwords. In general, two-factor identification consists of any two of the following: something you know, something you have, and something you are. Here are a few examples of two-factor identification. Organizations that adopt a PKI can do so with minimal expense and can protect their property much more effectively than they could with passwords alone. Everyone uses two-factor authentication technology on a daily basis. When retrieving money from an ATM account, for example, a customer needs both a PIN number and the magnetic-strip card. Even if someone attains the PIN number, the card is also needed for access. If the card is lost or stolen, it cannot be used without the PIN.
Other examples are a combination of two pieces of information to validate a person's identity: a password and a hardware or software token that supplies a unique, one-time-use, alphanumeric code. Aladdin eToken is a universal serial bus (USB) Smartcard key that provides two-factor authentication to networks and applications. eToken is used to store certificates during Phase 1 of the IP Security (IPSec) authentication, also referred to as Internet Key Exchange (IKE). More information on these Smartcards can be found at the following location:
http://www.cisco.com/en/US/partners/pr46/pr13/partners_pgm_white_paper09186a00800c57e2.l
Much research is underway, and more two-factor methods will be designed and developed in the coming years.