When configured for SAML, PhoneFactor serves as the identity provider to the cloud service. The authentication process is delegated to PhoneFactor, which checks the user credentials against the company’s user directory. If the credentials match, PhoneFactor places an automated phone call or sends a text message to the user to verify the login. This provides seamless two-factor authentication leveraging the user’s existing credentials and the user’s existing phone.
A recent survey by PhoneFactor revealed that security is a major barrier to cloud computing adoption. In particular, two-factor authentication was seen as critical to cloud security for 81% of respondents. However, deploying two-factor authentication that offers the same level of scalability, low cost, and ubiquity offered by cloud services has required a shift away from traditional methods, such as security tokens, toward more scalable methods like PhoneFactor.
Like the applications which the SAML integration supports, PhoneFactor resides in the cloud. There are no devices to deploy and no software for end users to install. It works instantly with any phone anywhere in the world, and provides a highly-secure method for federating two-factor authentication in the cloud.
“PhoneFactor is ideal for cloud applications,” said Steve Dispensa, PhoneFactor CTO and Co-Founder. “The user experience is seamless because a single username and password is used to log in to the cloud service, IT departments benefit from streamlined user management, and the organization can realize the full cost benefits offered by moving their applications into the cloud.”
By addressing key security concerns, such as two-factor authentication, PhoneFactor expects to see adoption of cloud computing begin to really take off. Organizations can now trust that authentication in the cloud is as secure as on-premise systems, meeting even the most rigorous internal security requirements as well as those set forth by regulatory agencies.