Some organizations decide to store their digital certificates on a RSA token device. One reason they do this is to deal with business operation environments where employees share computers and workstations. For example, a company which operates 24 hours a day ends up running three different shifts. In order to control computer costs, most of the time a single computer is shared between three or more employees. Even though each employee is issued their own user name and password, there is still a risk that one employee may forget to sign out of the computer at the end of their shift. This would give the employee replacing them full access to any resources and data the other user has. But, by using digital certificates on a portable device, the employee is unable to gain access to these resources, since they do not have access to the required digital certificates.
Another reason some companies use an RSA token device with their digital certificates is to protect employee records, payroll records, financial information, and other sensitive corporate data. For example, you could implement two factor authentication on the systems containing these types of data and files. In order for your employees to gain access, not only would they have to provide the correct user name and password, but also a digital certificate containing encrypted data used to authenticate them and grant them access to the systems. By placing the certificate on a portable USB device or smart card, it increases the security to protect your sensitive data, while reducing the likelihood of unauthorized access.