Authentication and Access Control

Threats to your data can come from external or internal sources.

  1. There are individuals who don’t have the authorisation but are driven by malicious intentions to gain access to certain information. This may refer to individuals who already belong to your organisation (but don’t have the necessary access rights) as well as those who don’t.
  2. There are individuals who have both the authorisation and, unfortunately, the malicious intentions over certain information.
  3. Finally, there are individuals who have the authorisation, no malicious intentions, but have accidentally exposed the information in question to those without the proper authority.

While curbing threats 2 and 3 would require other methods, threat #1 can be countered if the right authentication and access control systems are in place.

Here’s what we can do for you:

  • Work with your key personnel to determine who gets access to what.
  • Help you decide whether a single factor or a two-factor authentication (2FA) is appropriate for your organisation and recommend which factors are most suitable. Login methods may include but are not limited to the following:
    • biometric devices
    • Kerberos tickets
    • mobile phones
    • passwords
    • PKI certificates
    • proximity cards
    • smart cards
    • tokens
  • Install the necessary infrastructure needed for the factors chosen. For instance, if you opt to use biometrics, then biometric scanners will be installed. We’ll make sure that the authentication terminals are situated in places where achieving optimal traffic and work flow has been taken into consideration.

Other defences we’re capable of putting up include:

Check our similar posts

Solutions to Password Overload

If only technologists had their way, passwords and PINs would have long been replaced with more innovative (and admittedly, better) security solutions. But such is not the case. Those alternative solutions, which include biometrics, smart cards, and password fobs, effective as they may be, are just way too expensive to implement.

So although passwords and PINs may not be here to stay, they certainly won’t be going away soon either.

Why keeping passwords in memory is no longer possible

A couple of decades ago, it would have been nearly impossible to crack an eight-character password using brute force. Today, however, advancements in computing power are rendering the typical passwords of the past easily decipherable, forcing us to come up with passwords that are not only much longer, but also much more complex and hence difficult to recall.

For instance, memorable words like your favourite character (e.g. ‘skywalker’) may have been acceptable then, but not anymore. Today?s security systems will encourage you to insert numbers or even other keyboard characters as a means to once again counter brute force. Hence, ‘sk5%ywa936lker@#’ may be more acceptable.

Remembering that one alone can be pretty daunting.

To further complicate matters, the number of applications that require passwords for access is much greater than before even for a single end user. Ordinary end users have to keep track of passwords for their email account, network login, workstation login, online services, and so on.

The burden is even greater for your IT admins, who have to remember a larger collection of passwords that protect business critical systems and applications. Clearly, the team in charge of your IT security will need a way to manage all these passwords.

Password management solutions

Existing password management solutions typically come in the form of software applications that store passwords. Basically, all you need to remember are your login details for the app a.k.a. the ?master password?. Once you’ve gained access inside, you can then retrieve any password you stored there.

Some of these apps are installed in portable devices like Pocket PCs, PDAs, or smartphones, which you would normally take along with you. For as long as the device stays with you, your passwords will be in safe hands. What’s more, you can retrieve them anywhere you go.

But obviously, there’s a problem. What if the device gets misplaced or stolen? Although the person who ends up with your device may not be able to gain access into the app and your passwords, neither will you. A better solution would therefore be an app that can be accessed anywhere but is not susceptible to getting lost.

Web-based password manager

A web-based password manager fits the bill. You don’t have to take it with you, but still you can access it almost anywhere. A typical web-based password manager will have all your passwords stored in a centralised, highly secure location.

If you want, you can even use your mobile password manager along with the web-based one. Ideally, your web-based password manager would have a copy of all the end-user passwords as well as the master passwords of your organisation.

With an easy to access but highly-secure web-based password manager, you no longer have to come up with passwords that (ironically) are supposed to be easy to remember but hard to crack at the the same time.

Furthermore, password managers are ideal for keeping passwords that have to be changed every-now-and-then; a requirement that’s becoming all too common in organisations bent on enforcing more stringent controls.

Reducing Your Carbon Footprint

Climate change creates a loud buzz across the globe. People are talking about how extreme the weather is, how polluted the environment has become or how devastating the results of carbon emissions are. While it is true that humans contribute a large impact to the worsening climate situations, people are also the most influential key towards making this world a better place. As much as the increase in carbon emissions results from what you do, the healthy change can also start in you.

Although it is a bit difficult to determine what you can do to help the society, do not be disheartened. The devastating forces may be massive for you to work through, but there are countless simple actions?you can take to reduce your carbon footprints day by day.

Home

While you are in the comfort of your home, you can start saving energy to reduce your carbon emission. You could’replace your standard light bulbs with compact fluorescent ones. A compact fluorescent bulb saves more than 2/3rds or up to 1,300 pounds of carbon dioxide in its lifetime. This bulb contains mercury, so make sure to choose a brand that has lower mercury than others.

Another thing, you can do to reduce your carbon footprint at home, is to mind your electronics. When you do not use your gadgets and appliances, make sure you unplug them. If you buy new ones, take time to look at the energy rating of the electronics to save you more energy in future use.

Alternative renewable energy is also a good thing to shift into. Try solar, hydro or wind power at home. Setting up your own residential solar panels and building your own turbines are excellent ways to choose green energy.

Food

The food industry is one of the largest contributors of carbon emissions. You may not have control over the food processing, but you can lower your carbon footprint by buying local products in the market. These local products are not transported from far off places, so the carbon dioxide released from them is lower compared to imported ones. Take a look at the packaging as well; less packaging means less waste.

If you have a big backyard, you could use your it to grow food. ?Eating food, either fruit or vegetable, which you grow at home is energy efficient. No more fuel combustion from transportation and other consequent food processing.

Travel

When you have your own car, accelerating it slowly and smoothly, as well as maintaining speed while driving will help lower your carbon emissions. If you drive a lot, it would be better to get a green car. As of now, you can consider using?public transportation and go for road travel rather than air travel when you take long distance trips. But when you need to take planes, better choose a non-stop flight instead of connecting ones.

Indeed, there are many ways you can combat global warming and climate change. The road to improved life quality through energy efficiency might be hard, but a transformed lifestyle can make a big difference. Start now ? lighten your carbon footprint and help save the world.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
How Small Irish Businesses Avoid the GDPR Sting

Accountants providing chartered accounting services and tax advice are alerting smaller Irish companies to the consequences of the pending General Data Protection Regulation (GDPR). They believe these are going to feel the most pain come 25 May 2018, if they do not implement GDPR by then. We are trying our best to help avoid this situation by providing advice.

How to Kick the GDPR Ball into Play

The Irish Information Commissioner?s Office has produced a toolkit regarding where?s best to start. They suggest beginning with an information security assessment to determine the gaps companies need to close. Once quantified, this leads naturally to a plan of action, and resources needed to fulfil it. Here?s how to go about it:

1. Start by assessing your current ability to identify, assess, and manage threats to customer data security. Have you done anything at all to date? You must be holding some customer information surely, and it is highly likely the GDPR applies to you.

2. Next, review your company?s current customer data security policies. Are they documented and approved, or do new employees discover them sitting next to Nellie? Rate yourself on a scale where ten is successful implementation.

3. Now consider how well you have pinned responsibilities on individuals to implement policies and take the lead on GDPR. The latter should be the business owner, or a board member with clout to make things happen.

4. By now, you should have a grasp of the scale of work ahead of you, remembering the EU deadline is 25 May 2018. If this sounds overwhelming, consider outsourcing to your accountant or a specialist provider.

5. Under the General Data Protection Regulation you have only 72 hours to report a breach of customer data security to the Information Commissioner?s Office. Do you have a quality assurance mechanism to oversee this?

Tangible Things to Bring Your Own People on Board

With all the changes going on, there is a risk of your employees regarding GDPR as ?another management idea going nowhere.? Thus, it is important to incorporate the new EU regulations in staff training, particularly with regard to data security generally. They may fully come on board only once they see tangible signs of progress. You should in any case put the following measures in place unless you already have them:

1. A secure area for your servers and for any paperwork your customers provided. This implies access control on a need-to-know basis to protect the information against loss, damage, and theft.

2. A protocol for storage media and record disposal when you no longer require them or something supersedes them. You are the custodian of other people?s information and they deserve nothing less.

3. Procedures to secure customer data on employee mobile devices and computers: This must extend to work done at home, at consultant sites, and by remote workers.

4. Secure configuration of all existing and new hardware to minimise vulnerability and storage media crashes. These quality assurance measures should extend to removable media and remote backups.

So Is This the Worst of the Pain?

We are at the heart of the matter, although there is more to tell in future articles. You may be almost there, if you already protect your proprietary information. If not, you may have key company information already open to malware.We should welcome the EU General Data Protection Regulation as a notice that it is time to face up to the challenges of data protection and security generally. The age of hacking and malware is upon us. The offender could be a disgruntled employee, or your competition just down the street. It is time to take precautions.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today