Online Businesses Rethinking SecurityHarry Coulter | 21 Aug 2018
Technology has certainly come a very long way in a very short space of time. But, as it turns out, there are some areas in which technology is lagging behind. At least in the case of many companies, who have not yet caught up to the increasing risk of attacks from cybercriminals. Online security is becoming an ever more pronounced problem, with reports of cyber attacks coming from every corner of the globe, some of which have cost companies dearly.
This growing risk has forced some companies to start seeking better protection, calling on the skills of some of the best programmers and software developers in the world. The solutions that have been put forward are certainly impressive, some of which even border on being outrageous in their level of scrutiny. But perhaps, necessary too.
The Mobility Challenge
In speaking on the subject of cyber security, Dr Robert Blumofe of Akami likened the security systems used by many big firms as the “castle” approach. Which is to say, he said that these massive companies tend to treat their digital assets as an ancient king would a castle. High walls, moats and drawbridges are built, all in an effort to keep out invaders. The major issue with all this is that nowadays, most people tend to work from their mobile devices, and that all but makes the castle defences obsolete.
Trusted mobile online casinos, for example, are obligated to keep their customers safe when playing casino games, and face the bewildering problem that thousands of people are often connecting from at thousand different devices, in a thousand different locations. How does one go about spotting the intruder in this intricate web? With great difficulty. But, online casino security systems have been adapted to meet the overwhelming challenge, as have banks and other Internet-based businesses that deal with data and money on a daily basis. Now, the rest of the world needs to catch up.
Solutions Are Paramount
In 2009, Google suffered a serious attack at the hands of very well funded hackers. The attack was so serious that it forced the mega-corporation to completely rethink their security systems. The new solution was labelled Beyond Corp by Google, and took an approach never before seen.
The old ‘castle’ system was based around the fact that all defences should only be used to stop intruders penetrating inwards. In other words; everyone that was already inside the walls was safe, as far as the method was concerned. The Beyond Corp approach, on the other hand, is designed to treat every guest, visitor or employee as if they are a threat, unless specifically proven otherwise. It sounds harsh, but is the answer to an ever-increasing problem. After all, once the castle is breached, there is just about nothing from stopping the intruder wreaking havoc.
It sounds like a good method, but one very serious question remains. How is it determined that the user connecting to the vital company data can be trusted? The most obvious answer is; via passwords and login credentials. But is this enough?
Joe Pindar, an advanced security strategist working at Gemalto went into detail about some of the latest protection technology in use. According to him, the latest technology developed will indeed accept passwords and login credentials, but will keep monitoring a mobile user as long as they stay connected. Factors such as how fast the user is typing are taken into account, and compared to previous typing speed data collected. If the device is being held in a left or right hand is also checked, and verified.
It all sounds very impressive, and as if major corporations really are taking online safety to the next level. Add to this the implementation of facial recognition and fingerprint scanners, and we could just have a way forward. Now however, all web-based businesses need to implement these measures and take a step into the future, right alongside where the hackers already are.