Today users are accessing cloud applications from a variety of devices and locations. This distributive environment demands pairing or layering of several technologies (in/out of band Soft OTP + embedded hardware security + cloud SSO) for flexible, adaptive authentication. In this session, we outline enterprise and consumer access scenarios and demonstrate how a strong root of trust can be established between the client hardware, software authentication method and the user’s point of federation to the cloud.