Page 71 - CDM-Cyber-Warnings-March-2014
P. 71
.%36 1$ 2$# 43'$-3(" 3(.- $+(5$12 .1$ .#$1- .1$ $+( !+$ -# .1$ .23 %%$"3(5$ $"41(38 By Chris Cardell, CEO, SyferLock Technology Corporation The Authentication Challenge Creating a highly secure IT infrastructure is a major challenge for organizations today. Megatrends such as the emergence of cloud computing, server and desktop virtualization, the proliferation of mobile technologies and bring-your-own-device, the increase in employees requiring remote access, and the increased use of social networking in the work environment have created new vulnerabilities and risks for companies. Users expect to be able to access information from virtually anywhere via the Internet and mobile devices such as smart phones and tablets, and that means it is harder than ever for IT and security executives to ensure that all of the organization’s information assets are protected. Recent industry research and high-profile security incidents show how companies are vulnerable to increasingly sophisticated threats such as malware and hacker intrusions. In 2013, we read about countless security and data breaches in the news. Many of these breaches involved the compromise of static passwords. As a result, we also witnessed an increasing trend toward multi-factor and two-factor authentication. Companies like Google, Yahoo, Dropbox, Twitter, Facebook, and Evernote, among many others, now support two-factor authentication as an option for their users, recognizing that usernames and static passwords alone do not provide adequate security. One of the biggest concerns regarding security is unauthenticated access to systems and information. Given the proliferation of employees working remotely and the use of mobile devices, and the potential threat this represents for corporate networks, authentication should be an even higher priority than it has been for enterprises. Hardware-based authentication solutions have been around for years and many companies rely on these products as part of their security strategy. These tools can provide some benefits in terms of authenticating users, but they are flawed in a number of ways. For example, hardware solutions such as security tokens can be lost or stolen, and they can also break. In addition, they can be costly, not only for the initial purchase but also for ongoing maintenance and administration of the physical devices. And hardware authentication solutions are not impenetrable as highlighted by recent high-profile security breaches. Furthermore, many of today’s use cases for online access are not conducive to hardware-based solutions for strong authentication. As a result of these and other drawbacks, many organizations today are looking to replace these outdated legacy authentication products with modern solutions that are more effective and less costly. " # % " $ " # ! !
