Amidst media reports that the nation's largest defense contractor experienced a network intrusion last week allegedly involving the use of RSA SecurID® tokens, organizations using tokens should consider additional measures for safeguarding their information and securing their network infrastructure. Incorporating device identification as a second layer of defense can help to thwart future cyber attacks, according to officials at Wave Systems Corp. (NASDAQ: WAVX).
"The Lockheed Martin breach has been a wake-up call for CSOs and CIOs, as this type of breach is a risk for any organization with the same vulnerability," commented Steven Sprague, CEO of Wave Systems, a leading provider of Trusted Computing solutions. "Security in today's IT infrastructure is more about layers than any single point of defense. We believe that organizations should add device identity as an independently managed layer for network access control, where only known devices—those authorized by the organization—are granted access to information and sensitive resources. This is device-based security."
Top Reasons Why Device Identification Should Be Central To Your Security
- User identification with digital certificates, biometrics, one-time password tokens and smartcards may not be enough to prevent many types of breaches.
- When the device is known, IT can have a higher degree of confidence that information is being accessed by an authorized user.
- Device identification can mitigate the risk of unknown devices intentionally or unintentionally infecting the network.
- User authentication is stronger when an independent second factor (the device) is provided. Having two completely independent and parallel authentication systems can provide stronger security.
- Known devices will play an integral role in securing the cloud, defending against advanced persistent threats and securing mobile devices.
TPM Uniquely Suited for Device Identification
Traditional approaches to device identification rely on MAC addresses and software-held user credentials to identify a device on the network. This is a weak basis for trust because both can be spoofed: another device can simply claim the same MAC address, for instance.
A better approach for device identification is through the use of the Trusted Platform Module (TPM). The TPM is a cryptographic security chip developed using a specification from the Trusted Computing Group (TCG). Among its many security features, the TPM has the ability to create, sign and store keys, which can be used to provide strong binding of machines and users to the device. Because the authentication keys are stored and protected within the hardware, they cannot be changed or stolen by malware. Benefits of the TPM include: persistent protection of identity information (keys); broad deployment (nearly half a billion TPMs have already shipped on PCs); and a low total cost of ownership, as there is no additional hardware to acquire or deploy.
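As an added illustration of the pattern described above (example code, not Wave Systems' product or the TCG specification): the server keeps only the public key enrolled for each device, and a device proves its identity by signing a fresh nonce with a key that never leaves it. For the sake of a runnable demo the private key is held in a Go variable; with a TPM it would be generated inside the chip and used only through the TPM's signing API. The device names and the registry structure are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Registry maps a device identifier to the public key registered at enrollment.
// Only public keys are stored server-side; nothing here can be replayed by an
// attacker who copies the identifier alone.
type Registry map[string]ed25519.PublicKey

// Device stands in for an endpoint. priv simulates a TPM-resident key: in a real
// deployment it would be non-exportable and signing would happen inside the chip.
type Device struct {
	ID   string
	priv ed25519.PrivateKey
}

// NewDevice generates the device's key pair (a TPM would do this internally).
func NewDevice(id string) (*Device, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Device{ID: id, priv: priv}, nil
}

// Enroll records the device's public key; done once, out of band, by IT.
func (r Registry) Enroll(d *Device) { r[d.ID] = d.priv.Public().(ed25519.PublicKey) }

// Challenge issues a fresh random nonce so an old response cannot be replayed.
func Challenge() ([]byte, error) {
	nonce := make([]byte, 32)
	_, err := rand.Read(nonce)
	return nonce, err
}

// Respond signs the server's nonce with the device-bound key.
func (d *Device) Respond(nonce []byte) []byte { return ed25519.Sign(d.priv, nonce) }

// Verify accepts the device only if the claimed ID is enrolled and the signature
// over this exact nonce verifies under the enrolled key.
func (r Registry) Verify(id string, nonce, sig []byte) error {
	pub, ok := r[id]
	if !ok {
		return errors.New("unknown device")
	}
	if !ed25519.Verify(pub, nonce, sig) {
		return errors.New("signature does not match enrolled key")
	}
	return nil
}

func main() {
	reg := Registry{}
	laptop, _ := NewDevice("laptop-0042") // constructed sample device
	reg.Enroll(laptop)
	nonce, _ := Challenge()
	fmt.Println("genuine:", reg.Verify(laptop.ID, nonce, laptop.Respond(nonce)))
	// An impostor can copy the identifier (as with a MAC address) but not the key.
	impostor, _ := NewDevice("laptop-0042")
	fmt.Println("spoofed:", reg.Verify(impostor.ID, nonce, impostor.Respond(nonce)))
}
```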
One of the biggest hurdles preventing more widespread usage of the TPM has been a relative lack of awareness. But this is beginning to change. Consider:
- Earlier this year, the United Kingdom's Communications-Electronics Security Group (CESG), the government's technical authority for Information Assurance (IA), issued recommendations for the use of TPMs for devices within government agencies.
- In the U.S., the TPM is one of the authentication technologies considered as part of the White House's National Strategy for Trusted Identities in Cyberspace (NSTIC).
- The National Security Agency (NSA) has dedicated an entire Trusted Computing Division to drive research, hold conferences and educate the commercial sector on the benefits of Trusted Computing technology. Use of the TPM was a focal point for demonstrations and discussions at last year's Trusted Computing Conference, hosted by the agency.
- PwC, the world's largest provider of tax and advisory services, is in the process of migrating its 150,000+ users across 54 countries to TPM-based storage of private keys.
Wave has assembled a number of partners that can help enterprises leverage the TPM as part of their network security. Leveraging this already-deployed hardware security can supplement existing systems in a cost-effective and seamless manner. For more information, resources and ways Wave can help, call (877) 228-WAVE or see: /access-authentication.