|
|
|
22 Jul 2009
Comments:1
The Home Office claimed last year that identity theft in the UK costs businesses on average £1.2bn. This may be fuelling the government’s decision to push identity cards.
Organisations have similar problems. Unauthorised users are able to penetrate security and access corporate data, and of course there is the age-old problem of users logging on as someone else.
We believe that these threats are driving demand for two-factor authentication, with many organisations replacing insecure passwords and secure assets, alongside working to comply with HIPAA, Sarbanes-Oxley, FSA and the like.
Next up is the Code of Connection (CoCo) standards, which will define the future of communications between local and central government. The regulation requires local authorities to implement rigorous security processes and ICT controls, as well as provide secure access to data through multi-factor authentication.
The CoCo deadline has been extended to 30 September. And it is apparent that councils may risk ID theft and loss of network connection to central government departments if they don't comply by this date.
While councils are looking for a quick fix, there is a lack of knowledge around the topic, which is holding them back and causing confusion.
Some say that over a quarter of local councils will fail to comply by the deadline. This is worrying, and we have had a massive number of calls seeking basic CoCo advice.
Five key areas of compliance are expected to prove the greatest challenge for councils. These are: securing remote devices; developing secure processes; managing software centrally; managing a cultural change; and maintaining ongoing compliance.
For remote devices to be CoCo-compliant they must be secure, encrypted and only get access to the network through a secure Virtual Private Network (VPN) using two-factor authentication.
The simplest way to achieve this is to provide a unified authentication platform to prohibit unauthorised access to government networks. You do not need more complicated passwords. Greater complexity invariably means users forget their passwords and need to call the IT helpdesk for a reset, or they risk disclosure by writing them down.
Two-factor authentication can be provided through via a secure USB stick, mobile phone, biometrics, or a hardware or software token – whichever is easiest for the user.
Resellers can help.
Yurong Lin is chief executive officer at Deepnet
Related articles
In this video find out about the fast-growing Chinese vendor's plans for market domination and how the channel is its route of choice
Find out what gifts Acer has in store for partners for 2012 in this exclusive roundup of its recent conference
CRN's premier networking event is back on 17 May at the Ricoh Arena
Date: Thu 17 May 2012
Channel fighters preparing to square up once more on 24 May
Date: Thu 24 May 2012
The proliferation of endpoint devices within the enterprise has highlighted the shortcomings of one of the traditional approaches to data security
This Forrester report compares the costs and benefits of legacy email and productivity software with Google Apps
Dave discovers that rozzers are seemingly living in the technology dark ages
Mark Needham, founder of distributor Widget, argues that John Browett leaves for Apple with Dixons in better shape than when he arrived
|
|
|
Do you agree?
security enhancement reseller
check out observeIT-sys.com, it provides a 2nd level auth and records all user activities as well. This is a best solution for remote console recording as even when users are comming into the server via citrix,vnc,RDP, all sessions are logged and recorded.
Posted by Johnson | 27 Jul 2009
Have your say