So the opening keynote today at the RSA Conference by Amit Yoran (the president of RSA) was very interesting. While many of his comments are not necessarily new, it is interesting to hear it from someone with a high position in the security industry.
As he notes, higher walls are not the answer, and we need to move beyond the perimeter. This seems obvious given the explosion of mobile devices in use today, but it bears repeating, over and over, because to this point, it still seems like it has not sunk in. It is not just that the threats we face have changed, but that how we work, when we work and where we store and access our work have changed, and the new threats are in response to the changes in work. Yet security is still mainly focused on the perimeter of old, not the dispersed nature of now. This is key, because the threats today are in response to the new way we work.
As part of his keynote, president Yoran did give five prescriptions for the future, and interestingly two of them were related to authentication. The first is that identity and authentication must be embedded more deeply into our systems. We need to ensure that we know who the user is and what access rights the user has. Without this knowledge, security fails. Secondly, the use of strong authentication needs to be paired with effective data mining of data and systems access so it is clear who is accessing what, from when and where.
With GreenRADIUS we look to provide a flexible solution that provides the strong authentication and analysis through reporting that will enable organizations to move beyond the ‘Dark Ages’ and into the 21st century.