Secure Mobile Computing: Using Two-factor Authentication with VPNs and Disk Encryption
Organizations of all types and sizes increasingly realize that mobile computing is critical to success. These organizations are giving their mobile users full access to the enterprise network, data, and applications through virtual private networks (VPNs.) Mobile users are also taking large amounts of sensitive corporate data on the road stored on their laptop hard drive, many of which hold up to 200 gigabytes. As a result, while mobile computing offers organizations many competitive advantages, it also entails significant security risks to corporate networks and sensitive corporate data. Indeed, the incidence of security breaches due to unauthorized access to the VPN and theft of laptop devices has skyrocketed, leading to high costs, lost competitive advantage, non-compliance with data privacy regulations, and tarnished reputations. And while organizations are attempting to secure access to their data through password authentication to the VPN and encrypting laptop hard drives, these measures leave significant security gaps. Passwords are insecure and encryption keys stored on the hard drive are insecure.