As cloud computing spreads itself worldwide, it is easy to imagine every organization will tap into this opportunity.  At the same time, cloud computing brings a new angle to long-standing concerns around security and authentication of users.  A few questions commonly asked in the Cloud Security arena are "How does one authenticate myself to a SaaS/PaaS vendor?" and "How does one prevent unauthorized third parties from accessing my information?" 

Typically, one would use his/her username and password to authenticate to a cloud application service.  While this may seem like two different factors, the username and password are 'what you know', not 'what you know and what you have’. This is a single-factor authentication system.

If a user of a cloud-based application doesn't manage their own username and passwords carefully, they may be guessed and/or found.  Ask Sarah Palin how her email was obtained by a college student.

NetSuite has a great tool to strengthen authentication in the cloud; hardware two-factor authentication.  NetSuite Two-Factor Authentication (NetSuite 2FA) requires a physical token ('what you have') in addition to the standard username and password ('what you know').

Using NetSuite 2FA, a malicious individual would have to know my password ('what I know'), and be in physical possession of my token ('what I have') in order to authenticate as me.  Automatically integrated into NetSuite, Netsuite 2FA enables secure two-factor authentication using a convenient hardware device small enough to attach as a keychain.

In some industries, such as banking, regulations require more than one factor of authentication. Two-factor authentication is a best practice for companies that want a strong security presence to protect their customer and financial data, even in industries or companies that are not subject to such requirements.