CoreSight - leading Australian security - CoreSight - leading Australian security

There's a trend and it doesn't look like stopping. It involves the increase of important information stored on your corporate network combined with the increasing frequency of access to that information from outside your network. Problem!

Do you really know who it is at the other end of the connection? It's a fact that security reliant on static reusable passwords has proven easy for hackers to beat. So what are the alternatives?



There are many different types of authentication methods today. In general, the authentication strength is dependent upon three different factors:

• Something you know. (eg. passwords)
• Something you have. (eg. a hardware token, credit card)
• Something you are. (eg. fingerprints, signature, iridology)

At a minimum, strong authentication must include at least two factors. Passwords alone (one-factor authentication) cannot provide strong user authentication, regardless of their complexity. Nevertheless, strong authentication must be easy to use, inexpensive to own and maintain.

The "things you are" - usually called biometrics - are currently the most expensive and least popular method. As biometric techniques develop, we expect to see usage increase in the future.

The most practical method of enforcing two-factor authentication at present is via the combination of somthing you know (password or PIN) and something you possess (an "authenticator"). Think about what's required to use an ATM. This combination delivers a much more reliable level of user authentication than reusable passwords.

We'd suggest that organisations consider the positive identification of users before they interact with mission-critical data and applications. Typically this occurs through methods such as:

• VPNs
• Wireless communications
• E-mail
• Intranets
• Extranets
• Web servers
• Other network resources