Attempts to make two-factor authentication less work for the user raise privacy concerns.
Using the tools that work.
We've updated our packer scripts to disable IPv6 when you use them to create an OpenVPN server.
Just as Information Security departments can create friction for Development, Vendors can hinder and slow secure development.
We tested integration with a Sophos UTM (formerly Astaro) and WiKID for two-factor authentication.
The good news: that's a decrease.
Just a bit of framing on this issue. Analysis of breach impact should be relative to the market and competition.
A great tutorial on two-factor auth for F5 APM.
How to add two-factor authentication to IPSec. SSL-VPN and administrator access for the Check Point Security Gateway.
I'm not sure we have thought this through.
More detailed information on adding two-factor authentication to a Cisco SSL or IPSec VPN.
Sounds good - but I'd like to see more stats.
These are some of the questions we get about Enterprise two-factor authentication deployments and some common assumptions that are not necessarily true.
Using packer it is incedibly easy to create two-factor authentication servers for EC2, GCE, Digital Ocean as well as VMWware, VirtualBox, etc.
Using modern configuration tools it should be easy to eliminate common infrastructure weaknesses.
Security is hard.
The New York Times is reporting on the cause of the JP Morgan attack. One server lacked the required two-factor authentication.
And they seem likely to continue into 2015.