1-877-740-5028

www.onlinetech.com

TWO-FACTOR AUTHENTICATION
1 User Name &

Two-Factor Authentication for VPN

Secure Hosting

*****

Password

2 1st

Authentication
3

DOMAIN CONTROLLER

VPN LOGIN
*****

FIREWALL

2nd Authentication
*****

5 Two Factor

Approval

4 2nd

Authentication

VPN ACCESS

PHONE

Two-Factor Authentication for VPN

Online Tech offers two-factor authentication for VPN (Virtual Private Network) access as an optimal security measure to protect against online fraud and unauthorized access for clients that connect to their networks from a remote location. How does it work? Two-factor authentication (also known as dual-factor or multi-factor) requires the use of one form of authorization (username/password), and an additional form of authentication to gain access to a network remotely. Two-factor authentication provides an extra layer of protection to ensure the user is truly the one who is allowed access to the network, and to protect against unauthorized entry. Online Techs two-factor method includes the use of a unique username/password. Secondly, the addition of a simple, mobile phone-based authentication method allows users to complete a secondary authentication of their choice to achieve network access. These methods include: 1. Push authentication - login and transaction details are sent to your smartphone, and with one tap of the Approve button, you will have completed the second authentication factor to achieve network access. 2. Smartphone passcode - a generated login passcode works on all smartphone platforms. 3. Text message - login passcodes are sent via text message - enter this passcode online to authenticate the second factor. 4. Phone call - answer a phone call and press a key to authenticate.

SAS 70
Type II
UHY LLP

SSAE 16
Type II
UHY LLP

SOC 2 & 3
Type II
UHY LLP

HIPAA
100% Compliant

PCI DSS
100% Compliant

UHY LLP

UHY LLP

1-877-740-5028

www.onlinetech.com

TWO-FACTOR AUTHENTICATION
1 User Name &

Two-Factor Authentication for VPN

Secure Hosting

*****

Password

2 1st

Authentication
3

DOMAIN CONTROLLER

VPN LOGIN
*****

FIREWALL

2nd Authentication
*****

5 Two Factor

Approval

4 2nd

Authentication

VPN ACCESS

PHONE

Two-Factor Authentication for VPN

Why use it? As a best practice security tool, two-factor authentication assures each user is uniquely authenticated to access your network. If you need to meet PCI DSS (Payment Card Industry Data Security Standards) compliance because you collect, store or process credit cardholder data, then you need to use two-factor authentication. PCI requirement 8.3 mandates: Incorporate two-factor authentication for remote access (network-level access originating from outside the network) to the network by employees, administrators, and third parties. (For example, remote authentication and dial-in service (RADIUS) with tokens; or other technologies that facilitate two-factor authentication. - PCI DSS Requirements and Security Assessment Procedures, Version 2.0 While not required, two-factor authentication is a best practice to meet HIPAA compliance. The HIPAA Security Rule standard 164.312(d) requires a covered entity to identify methods available for authentication (the corroboration that a person is the one claimed (45 CFR 164.304)): Authentication requires establishing the validity of a transmission source and/or verifying an individuals claim that he or she has been authorized for specific access privileges to information and information systems. What are the benefits? Ease of integration and installation Can be controlled and implemented by the client Inexpensive but adds a significantly higher level of security Meets regulatory compliance requirements for sensitive data protection Supports most types of phones, including smartphones, features and landlines

SAS 70
Type II
UHY LLP

SSAE 16
Type II
UHY LLP

SOC 2 & 3
Type II
UHY LLP

HIPAA
100% Compliant

PCI DSS
100% Compliant

UHY LLP

UHY LLP