Protecting digital assets from theft or exploitation was once the province of systems engineers. Whether the potential target was an individual computer containing personal data or a network storing valuable enterprise data, the best defense against intruders was to build a system that functioned like a fortress.
As long as the right people were allowed access and the wrong people were kept out, the barriers withstood increasingly sophisticated attempts at penetration and the data was safe.
But, in today’s round-the-clock battle to protect online assets, enterprise IT managers must think outside the box – literally. What if the system accepts an unauthorized request for access because it appears to come from an authorized user? As far as the system is concerned, this request is authorized because legitimate credentials have been used. And that’s where we find ourselves in 2015: appropriating the identity of authorized users is the intruder’s preferred method of access.
Fortunately, there’s a ready solution to this problem. A secure identity is the soundest defense against unauthorized access.
Read the complete report here in the current issue of Homeland Security Today.
John Brooke is the principal engineer for MorphoTrak’s Criminal Justice and Public Security business unit, and a technical lead in platform security and cloud services. Previously he was a systems integration and incident response specialist. He spent ten tenyears in platform security for a pioneering SSL VPN company.
Etienne Ohl is the senior solutions engineer at MorphoTrak where he’s focused on innovative solutions to expand biometrics to new vertical markets in the United State. He spent six years designing a wide variety of large scale identification solutions ranging from India’s Aadhaar identification project to the FBI Next Generation IAFIS (NGI).