Users must invest in extra security locks



Companies are deluding themselves if they spend a fortune on technology and then rely on simple password protection to keep the hackers out, according to...



Companies are deluding themselves if they spend a fortune on technology and then rely on simple password protection to keep the hackers out, according to Cambridge online security start-up Signify.

"Relying on passwords to know who you are dealing with is like building on a foundation of sand," said Signify's chief executive John Stewart. "It's about time companies stopped spending large amounts on high-profile technologies and went back to basics."

Graham Titterington, a senior consultant at Ovum, agreed that user-selected passwords are unsatisfactory, "Just by compiling a dictionary of forenames and place names, 40% of all passwords would be covered without having to resort to hacking programs."

Signify is offering an internet-based authentication server based on RSA's SecurID number-generating key fobs.

A built-in timer generates a new Pin number every minute and, after a personal password is entered, the user is then asked for the current number displayed on their fob and this is checked by a synchronised authorisation server.

By directing their security checks to an internet-based authentication server, Signify's customers can save on set-up, management and support of SecurID, Stewart said. It also means that, by setting up all internal and external services on the server, the user needs only one fob not a separate fob for each.

This was last published in October 2000

Read more on IT for small and medium-sized enterprises (SME)

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close