Wednesday, 29 July 2009

Influenza A H1N1 and strong authentication?

What is the relationship between influenza and strong authentication? – “Remote Working”

Or in techie speak - translates to the implementation of a remote access solution! If you are following or looking at government or business forums they recommend the use of implementing a number of measures. So what????

One of the measures that are being described is the implementation of remote working solutions to enable working from home.

In all cases no one is highlighting the possible risks to remote access systems by way of gaining access with weak username and passwords? So here's a clarification. Today there are a lot of remote access technologies. As SSL VPN, IPSEC VPN, Citrix, etc ...

But we have a big problem business have and should use Two Factor Authentication. But you say I can just use a username and static password? Technically yes!

But do you think this is a good idea. The risks are far too GREAT. It is so easy to steal or guess someone’s password. Please refer to a number of my blog postings on stealing passwords

The answer is very simple use Two Factor Authentication.

I think the next time the implementation of remote access is under taken business should think twice or consider MAS ICE by CRYPTOCard.

What is the bigger risk to you business H1N1 or an invisible person on your network stealing all of your IP??


Sylvain Maret said...

In french: H1N1 : quelles répercutions dans le monde de l'entreprise ?

Greg said...

Remote users are going to dramatically increase overnight if or when a pandemic virus takes hold. We saw examples this summer as Schools, Businesses and Agencies shut down for weeks due to the H1N1. If or more likely when this occurs, organizations are going to require immediate remote access for employees.

Many two-factor solutions (hardware tokens, fobs, etc.) cannot be rapidly deployed to remote workers, because the physical device has to be provisioned and shipped to users. In a crisis situation, two-factor authentication that can be instantly enabled for remote workers is critical. Phone authentication, like that provided by PhoneFactor (, can be quickly enabled for large numbers of geographically diverse users.

gary said...

Agree Greg - it is imperitive that management overhead is minimized and speed of deployment oiptimized. Look to me like Jasons comment re: MAS does this - and also works with SMS tokens

Copyright 2009 Jason Hart. Powered by Blogger Blogger Templates create by Deluxe Templates. WP by Masterplan