The Five Golden Rules of Protection

At a time when threats and the trend towards deperimeterization are both on the increase, businesses should stand back and take a careful look at their risk management strategies.

A greater focus on the security of the internal network is required, as internal networks are often left exposed to a variety of threats.

There are five overarching principles which can be considered when changing from a perimeter security paradigm to a holistic approach.

Secure Application Design

Use of inherently insecure applications is clearly not a sensible practice, and the attempt to shore up an application riddled with vulnerabilities with additional external security measures may not prove to be cost effective.

Applications must be conceived, designed and authored from the get-go with security in mind. Attention to best practice and adherence to standards are of the foremost importance at all times throughout the development process.

Strong User Authentication

Much is made of perimeter control where user authentication is concerned, but in reality user authentication is a wider issue than simply the control of a perimeter. The most common method of authenticating users today is a memorised password or phrase, theoretically known only to its owner.

Password policies are often poorly implemented, allowing users to select weak passwords, and change them infrequently. Strong authentication represents a solution to this well understood and thorny issue.

Through the use of more secure two-factor authentication, users are identified on the basis of something they know (a password or PIN) and something physical they have (a hardware token or smart-card), making the authentication substantially stronger.

Secure Access Management

Following closely behind a successful authentication, a user will expect to be granted rights to applications and to data. The rights granted ideally should be based upon the user’s role within the organization.

Centralized, role-based access management is often the most cost effective way to manage rights in a large organisation, permitting HR or IT departments to categorize staff by job function and assign rights accordingly. This avoids the need to administer rights on an individual user basis and has the added benefit that access can be revoked in the same fashion as required.

Data Integrity & Confidentiality

In today’s business world confidentiality is paramount, and with the ever-increasing pressures of SOX Section 404, ensuring the integrity and confidentiality of information as it travels between network components, workstations and servers is vital.

VPNs are now commonplace for protecting remote-access and point-to-point communications. Internal network traffic within an organisation, particularly on wireless but also on wired networks, is receiving greater emphasis than in the past, with a need to ensure secure, transparent communications across large heterogeneous networks.

Centralized Administration

Centralizing the administration of numerous disparate systems can improve overall systems security and help to reduce total administrative costs.

There are many facets of system administration, and it is unusual to find a ‘one size fits all’ solution, but with the centralization of security management (authentication, access control and password management) administrators are better equipped to react to circumstances as they arise.

PassGo Technologies

PassGo have been delivering on their security promises to Fortune 1000 companies for over 21 years. PassGo continues to demonstrate technical excellence across all Windows platforms from UNIX to the mainframe.