SecurICE from SecurEnvoy is a revolutionary approach to the age-old problem of providing
secure access to corporate systems in the event of an emergency.
SecurPassword from SecurEnvoy enables Microsoft Windows domain users to reset their
own password using mobile phones to create two-factor authentication.
SecurMail enables individuals to send and receive email across the internet using
standards based https and strong two-factor authentication of the recipient.
Latest News
June 2009 Experts give a cautious welcome to new IT security plans announced todayEd Rowley, EMEA technical consultant at security vendor Marshal8e6, agreed that the global nature of the internet calls for more than separate national cyber security strategies, as announced by the US and now the UK.
"Only international co-operation between governments and ISPs will afford the level of security we expect and this still looks a long way off,” he said.
Steve Watts, co-founder of SecurEnvoy, argued that a better strategy from the government would be to encourage a more decentralised model of security, encouraging businesses and individuals to protect their own networks.
“Most organisations realise it’s their own responsibility to prevent cyber attacks," Watts said.
"But many still follow the ‘sun screen’ approach, and only apply measures when it’s invariably too late. While the government can’t claim ultimate responsibility, what it can do is encourage accountability – by putting the schemes in place to support it.”
Mikko Hyppönen, chief research officer at F-Secure, added to the voices welcoming the announcement, but warned that from a law enforcement perspective, a more global approach is required.
"Establishing an international agency - 'Internetpol' - with the enforcement power to really target the organised criminals who operate on the web is the best way forward in the fight against online crime," he said.
"It would ensure that investigations start at the top of the crimeware food chain and bring to justice the people who are running the online crime syndicates."
In truth, all the serious rhetoric from Gordon Brown aside, the success of the cyber security proposal really depends on how much funding the government is prepared to commit to the programme.
Recognising that there is a problem is an encouraging first step, but a cure will continue to prove elusive unless the government is prepared to engage internationally with governments around the world, especially those who allow cyber criminals to flourish undisturbed.
Co-founder of SecurEnvoy, Steve Watts, stated that while workers are trusting of their colleagues, it may not be a great idea to share passwords so easily since it can compromise one’s entire work life.
Watts suggested that password sharing be kept to a minimum.
He went on to say that it is important to be cautious, as in the current economic climate disgruntled workers are looking to access information they should not and the threat of short term consultants accessing high profile data is an especially high threat.
Other security concerns have been raised by SecurEnvoy as well, such as tube strikes which can send the trading market into disarray, and there is no clear definition of who may be accessing a company network due to the rise of remote workers.
The main concern with remote access entry into a company network is that it is hard to measure the security of applications when they are not under the control of normal IT infrastructure.
One prime example is the widespread use of Outlook Web Access which can introduce vulnerabilities because of its use of Internet Information Services.
"It is encouraging to hear about the British authorities reaching out to the white-hat hacker community; the Russian and Chinese have been doing that for years and are way ahead of both the US and the UK in this regard," he said.
"Where the Russians and the Chinese have surpassed everybody else is their willingness to use amateur hacking groups to accomplish low-level cyber missions. The fact that the UK intends to use hackers for a good cause is encouraging," Howard continued.
Rob Elliss, director for Northern Europe at SafeNet, was just happy to see cyber security at the top of the government's agenda.
"The appointment of a cybersecurity chief and launch of a national strategy are very positive moves by the Government. Having seen the US do something similar last month, I'm pleased to see the UK is putting information security at the top of the public agenda," he said.
Steve Watts, co-founder of SecurEnvoy said that the nation's security should not come at the expense of civil liberties.
"Any cyber security strategy needs to negotiate a delicate balance – between heightening security and maintaining the openness of modern communication," Watts said.
Mikko Hypponen, chief research officer at F-Secure said that he would "like to see a focus on developing an offensive capability against online criminals".
"Anti-virus and security companies are doing their best to protect their customers' computers but little can be done directly by non-governmental organisations. These companies are not law enforcers, nor should they be," said Hypponen.
"At present, online criminals are essentially free to roam with almost nobody to stop them. If we don't take action now, online crime will continue to grow stronger and will end up destroying the current model of internet business, banking and commerce," he continued.
Although the risks inherent in this approach are multifaceted and need to be tackled from a variety of angles, there are simple, yet elegantly effective precautions that companies should be implementing immediately. Adding two-factor authentication to remote user passwords is one such example of an inexpensive way of refining that critical first line of defence.