O365 and DirSync – Two Factor authentication

My colleague Stephanie Kahlam has a great post on Dirsync on her blog https://stellark.itgroove.net.  I won’t rehash it as Steph has done a great job.

I do want to comment on the reference she makes to two-factor authentication using your smartphone.  Microsoft bought PhoneFactor, the company that created the phone authentication technology some time ago.  I used the technology with a customer that is in the health care sector and which required a way to authenticate inbound LogMeIn connections above and beyond the normal methods used by LogMeIn.  LogMeIn offereda plugin for PhoneFactor so I thought I’d try it out.  I have to say that it worked brilliantly; logging into LogMeIn and connecting to the customer’s machine would cause PhoneFactor to call my cellphone and request authentication from the phone.  I’d authenticate then the LogMeIn connection would complete.  Simple, fast and effective!

I’ve used other two factor authentication systems over the years (SecureID, et al) which were effective but which required a hardware token or special software to be installed on a pc ora phone.  PhoneFactor was/is far more elegant in my view.  Having this technology available to you to secure access to your systems is a definite boon that should be leveraged whenever possible.  Kudos to Microsoft for making it available via O365!