Design a proposal to move from single-factor authentication to two-factor authentication.

Competency

Formulate methods to implement information security principles in an enterprise architecture project.

NOTE - This course requires the creations of a single Bitnami server for several deliverables. If this has not been completed, please refer to the "Prerequisite for Deliverables 3-7" page earlier in the Course Project Section.

Scenario

You work as a developer for Solutions Inc. Your client, Universal Widgets, is planning to implement a cloud-based solution for their IoT (Internet of Things) connected devices. These devices are designed to monitor air quality in a home for the homeowner's heating and air system. These devices also are able to detect the carbon dioxide levels, presence of smoke, and notify homeowner's when to change the air filters.

You have developed a level of trust with the development team and they see that your skills and personality are a match to their organization. Now they have requested your opinions on this application development project.

Your research has shown that many organizations have formulated methods to implement greater security principles by incorporating two-factor authentication. The current development design is to simply use the existing wildcard certificate that is owned by Universal Widgets. This certificate will expire in 14 months and is a SSL3 certificate.

Instructions

Develop a proposal that will incorporate two-factor authentication for this development project. You have already had a plan to create an internal certificate and use this as the two-factor check for any devices that have already authenticated once.

Please be sure to include the following into your documentation:

• Recommendation of why an updated certificate is needed and your rational for your recommendation.
• Description of two-factor authentication and how it is becoming more widely used within the industry.
• Explanation of the plan for two-factor authentication in the first login. Include your code and screen shots within this section as proof of how this will work. Then include a brief explanation of how an internal certificate will be used thereafter for that device.