
The hidden weakness of access management systems

 

Johannesburg, 30 Jul 2009

Most organisations focus on the level of security provided by a prospective access system, but, surprisingly, that aspect might not be its weakest link. Hennie Moolman, Managing Director of network security expert, AfricaSD, argues that it's the unglamorous ongoing administration and maintenance of such a system that can weaken its effectiveness.

Access management is a growing concern for organisations. The workforce is becoming ever more mobile, needing access to critical systems and resources from anywhere at any time.

For a while now, this need for secure remote access has encouraged the adoption of two-factor authentication - the use of two 'factors', typically a password/PIN and either a hardware token, like a smartcard, key fob or USB device, or a software token, like an RSA SoftID - and this is fast becoming the accepted minimum level of security in access management.

However, it's often not the level of security provided by an access system that is its weakest link. By employing one of the numerous two-factor authentication combinations possible, the system will provide an adequate level of security. More often than not, it's actually the deployment and ongoing administration of such a system that reduces its effectiveness. It's an unglamorous aspect that perhaps lends itself to being paid less attention - and the primary focus does need to be on the mechanics of the authentication and verification processes - but many implementations have been weakened by the onerous ongoing administrative burden they have placed on the host organisation.

It's a burden that can be considerable. In the case of systems that employ hardware or 'physical' tokens, such as smartcards, key fobs or USB devices, the logistics are much bigger than most organisations initially assume. Each device has to be ordered, checked in and distributed by the administrators, and not just for every new employee - replacing lost, stolen or damaged tokens can quickly prove to be a taxing logistical task. Even administering systems that employ software tokens, like RSA SoftIDs, requires deploying the software and 'keys' (seed records) onto every device (laptop), rebuilding compromised devices from scratch to prevent duplicate keys existing, and fairly intensive training for administrative staff.

Another important aspect to consider is the enrolment process: how easy it is to add or remove a user from the system. This is important because the time and effort required to do so often constitute the single biggest ongoing cost to the host organisation. If the support team is understaffed or cannot cope with the volume of requests, terminated employees may end up retaining unauthorised access for several weeks.

There are numerous other administrative considerations to take into account when deciding on an appropriate access system, right down to whether the system requires additional proprietary databases to be maintained and what's involved in doing so. The important point is to make sure they are factored in during the evaluation process, because they might seem trivial, but could inadvertently become your organisation's weakest link.


AfricaSD

Operating throughout the sub-Saharan region, AfricaSD provides organisations with a comprehensive network security service that includes security investigations, audits and threat analyses, as well as configurations and deployments.

AfricaSD supplies and supports a comprehensive range of market-leading products, covering every aspect of network security from anti-virus, authentication, content filtering, encryption, biometrics, firewalls and intrusion detection/prevention to unified threat management and wireless and mobile security.

AfricaSD also offers customers and reseller partners 24x7x365 support on all of its network security solutions. As one of the country's foremost security training and certification centres, the company's technical staff are all fully certified and trained on the entire product range and offer a convenient combination of one-to-one help and a wealth of technological resources.

AfricaSD offers its partners the very best products, training, support, leads and free product certifications. It is committed to keeping partners empowered and up-to-date with the latest relevant information and practices by making available, on an ongoing basis, a network of local and international third-party specialists and leaders.

For further information, visit the company's Web site www.africasd.com or contact AfricaSD directly on +27(0)86-111-1737 or +27(0)12-665-2513.

Editorial contacts

Nicola Stone
Orange Tree Studios
(011) 786 5790
nicola@orangetreestudios.co.za