New Service: SSL-VPN One Time Passwords

I was not sure if this article should be named *Cool Things: SSL-VPN* or *New Service: SSL-VPN* because this is a very cool thing. It is a new, more secure way to provide remote access to your network. Most websites require a username/password for Authentication. However, a hacker can gain access if they can guess or figure out the password. With this new service, both knowledge (the username and password) AS WELL AS possession of a device (your cell phone) are required to gain access. Read the full article for additional info.

With traditional remote-access solutions, knowledge only is required to get into your network remotely.  That knowledge of course is a username and password.  However, username and password combinations are subject to hacking.  With the new service SSL-VPN One Time Passwords (OTP), both knowledge and possession of a device are required.  This is called Two-Tier Authentication.  The problem is that most current Two-Tier Authentication solutions are expensive and thus out of reach for most small businesses.  The other problem is that they require a new device (or token) to be issued to remote workers who then need to carry this extra token around.

The new service SSL-VPN OTP is beautiful because the device can be a cell phone, which everyone already has.  Here is how it works: 

 - A remote worker opens a browser, and goes to your secure website login page (eg, http://vpn.yourdomain.com)

 - Next, they begin the login process by entering their username and password

 - If their username and password were correct, the vpn device instantly sends their phone a One-Time Password

 - The remote worker looks at their cell phone, reads the One-Time Password, and enters it into the website login screen

 - If the One-Time Password is correct, they are granted access.

As you can see, this is far more secure because even if a hacker knows the username and password, without possession of the cell phone they can't get the One-Time Password and thus can't gain access to your network.

It is beautiful!

We set this up internally, so any of our techs can demo it if you would like to see it in action. Retail cost for the hardware is $595 if you have a few remote workers, $2,200 if you have lots of remote workers.