Latest news
Networkless working: The future of the public sector?
by Robert Campbell - Managing Director at Ecommnet - Monday, 3 September 2012.
Networkless connectivity removes the dependency on how the network is physically constructed and is instead dependent on an individual’s role within the organisation. Using access control technology, such as Cryptzone’s AppGate Security Server, the services and information each individual is granted access to will be determined at the point that they attempt to connect to the network. Returning again to the building analogy, it is akin to each person having their own unique key to the building that, when they unlock the front door, automatically opens all the doors within the building that they can legitimately enter, but also seals all the doors that they should not.
Access can be further controlled by what type of device is being used to connect and where people authenticate themselves. For example, if a user connects to the network from a PC within the organisation’s premises then they can access all files and information needed to perform their duties. However, if they connect from a laptop from home, they may be restricted to just calendar information or basic applications. Taking it a step further, access can be further controlled by the day of the week and/or time of day that the person is accessing the network to determine what they can do and see.
While this might all sound extremely complex, fundamentally networkless connectively is far more flexible, with the underlying infrastructure easier to build and manage.
Secure authentication
Historically, many access gateways required an individual to enter their username and password combination to authenticate themselves. While this may have been adequate for one organisation functioning from one location, as soon as you start co-locating, or even allowing remote access, single factor authentication is woefully inadequate and easily circumvented.
For this reason the introduction of two factor authentication (2FA) is increasingly being driven by legislation and/or the need to be more secure. 2FA fundamentally is the combination of two of three elements:
1. Something you know – a username or password, etc.
2. Something you have – an authentication device such as a smartcard, etc.
3. Something you are – referred to as biometrics it involves retina or fingerprint scanners etc.
Just so we’re all straight, a username and password combination is not 2FA as it is two variations of one element i.e. two things you know.
Now that we’ve established what 2FA is, it’s time to look at what the options are. Fundamentally there are two main forms of authentication device:
1. A physical token or smartcard
2. A virtual token – a mobile phone used to receive a passcode via SMS message or generate the code via an app.
Networkless connectivity combined with strong 2FA allows straightforward user access, without constraints, to deliver a completely dynamic set up at the time of connection. So, whether you’re merging, re-merging, de-merging or just looking to introduce a more flexible working practice, securely, make sure its future proof and cost-effective. Instead of getting physical, it’s time to start thinking outside the box, and even the building.
Access can be further controlled by what type of device is being used to connect and where people authenticate themselves. For example, if a user connects to the network from a PC within the organisation’s premises then they can access all files and information needed to perform their duties. However, if they connect from a laptop from home, they may be restricted to just calendar information or basic applications. Taking it a step further, access can be further controlled by the day of the week and/or time of day that the person is accessing the network to determine what they can do and see.
While this might all sound extremely complex, fundamentally networkless connectively is far more flexible, with the underlying infrastructure easier to build and manage.
Secure authentication
Historically, many access gateways required an individual to enter their username and password combination to authenticate themselves. While this may have been adequate for one organisation functioning from one location, as soon as you start co-locating, or even allowing remote access, single factor authentication is woefully inadequate and easily circumvented.
For this reason the introduction of two factor authentication (2FA) is increasingly being driven by legislation and/or the need to be more secure. 2FA fundamentally is the combination of two of three elements:
1. Something you know – a username or password, etc.
2. Something you have – an authentication device such as a smartcard, etc.
3. Something you are – referred to as biometrics it involves retina or fingerprint scanners etc.
Just so we’re all straight, a username and password combination is not 2FA as it is two variations of one element i.e. two things you know.
Now that we’ve established what 2FA is, it’s time to look at what the options are. Fundamentally there are two main forms of authentication device:
1. A physical token or smartcard
2. A virtual token – a mobile phone used to receive a passcode via SMS message or generate the code via an app.
Networkless connectivity combined with strong 2FA allows straightforward user access, without constraints, to deliver a completely dynamic set up at the time of connection. So, whether you’re merging, re-merging, de-merging or just looking to introduce a more flexible working practice, securely, make sure its future proof and cost-effective. Instead of getting physical, it’s time to start thinking outside the box, and even the building.
Spotlight
A closer look at Mega cloud storage
Posted on 21 May 2013. | Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
Cyber espionage campaign uses professionally-made malware
Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.
Ransomware adds password stealing to its arsenal
Posted on 17 May 2013. | Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Daily digest
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
Weekly newsletter
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
