TAC has the capability of validating a user’s device. When device validation is turned on, a user’s device is bound to that user’s account. The device must be approved for use by an administrator before that user can get access. Once approved, the user must have both their valid credentials and the approved hardware device before any access will be allowed. This provides a much stronger way to control access to information and to protect the organization.