In both the federal space and the increasingly competitive corporate landscape, the need to improve the protection of information is forcing IT departments and corporate security teams to look beyond standard password/PIN-based authentication schemes. Until now, many of those responsible for security solutions have addressed this heightened need for security with two-factor authentication solutions (based on something you have and something you know) that leverage the capabilities of smart cards for both physical and logical access control.
Two-factor authentication solutions usually involve inserting a card or token into a PC-link reader (e.g., USB, serial port) tethered to a desktop computer or mobile device, then entering a password to gain access. Although these solutions can effectively improve security, they can also introduce a host of usability and productivity concerns. Moreover, they contain a fundamental flaw that could put your organization’s sensitive information at risk.
Wired Reader Technology: A Serious Security Risk
Tethered desktop, laptop, and mobile device smart card readers have an inherent security flaw: Cards are regularly—and all too easily—left unintentionally in the reader. Consider this scenario: Employees use their smart cards to gain physical access to their place of work. Once inside, they insert their smart card into a reader tethered to their workstation. They enter their password and are granted access to the computer. If users then leave the workstation without taking the card out of the reader, two things occur:
- Users are potentially locked on the wrong side of a secure-access door without a smart card for re-entry.
- The workstation is left open to unauthorized access. Even a 30-minute idle timeout provides a large enough window for significant breaches in security.
Cards left in readers can also be easily stolen, which can put the organization at risk of serious physical breaches.
A Wireless Security Solution: Comprehensive, Flexible, Usable
Wireless technology has been solving communications and security challenges for decades. And that technology can now enhance both the usability and security of smart card implementations for logical access/network authentication. A secure, flexible wireless smart card reader solution works in the desktop/laptop and mobile device environment. This solution balances security and usability, both of which are integral to effectively implementing a smart card program that supports physical and logical access.
Short-Range Connectivity Plus Encryption
The BlackBerry® Smart Card Reader uses Bluetooth technology and an Advanced Encryption Standard (AES)-256 encryption overlay to help prevent unauthorized access to computers and BlackBerry® smartphones. This combination turns Bluetooth (a technology previously considered a security liability) into a security-enhancing technology.
Developed to meet the stringent requirements of the US Department of Defense, the BlackBerry Smart Card Reader introduces a new paradigm into the traditional two-factor authentication model. To something you have and something you know, the new paradigm adds somewhere you are, providing users with proximity-based access to their computers and/or their BlackBerry smartphones.
The BlackBerry Smart Card Reader is small, lightweight, and wearable. Users can attach it to a lanyard around their necks or keep it in their pockets. And because it operates on a short-range wireless connection, the range can be configured so that when users walk away from their desks, their computers automatically lock. Similarly, if BlackBerry smartphones are separated from their users, the smartphone locks and all the information it houses is protected. The BlackBerry Smart Card Reader is the surest way to support a no-smart-card-left-behind policy.
Built with IT and Mobile Users in Mind
The BlackBerry Smart Card Reader supports Windows XP Service Pack 2 (SP2) with support for Bluetooth technology enabled. It also provides support for a variety of industry-standard smart cards. And IT administrators can use it to set policies that support corporate security. The smart card reader:
- Meets strict public sector and IT requirements—The reader lets organizations using smart cards add additional tested and proven security features to the already robust BlackBerry Enterprise Solution security architecture.
- Improves the user experience—The slim, lightweight reader features long battery life and AES-256 encrypted Bluetooth technology that lets users comfortably wear the reader on a lanyard.
- Increases security policy compliance—Increasing the convenience and comfort of using smart cards helps ensure that users comply with organizational security directives.
- Enables wireless key lifetime management—System administrators gain additional control over the wireless environment with the ability to wirelessly manage the lifetime of the security keys on the reader.
- Supports interoperability—The reader is designed to meet the increasing need for interoperability between smart card readers, OSs, and public key infrastructures (PKIs).
The BlackBerry Smart Card Reader can be used as a standalone solution for desktop computers, even for organizations that haven’t deployed a BlackBerry Enterprise Server or any BlackBerry smartphones.
To learn more about mobile device security and BlackBerry, listen to a recent podcast in which Karen Forster, editorial and strategy director for Windows IT Pro and SQL Server Magazine, interviews Scott Totzke, Vice President, Global Security Group at Research In Motion (RIM). To download the podcast, click here.
To find out more about the BlackBerry Smart Card Reader and what it can do for your organization’s security, visit www.blackberry.com/go/smartcardreader.
Research In Motion, the RIM logo, BlackBerry, the BlackBerry logo and SureType are registered with the U.S. Patent and Trademark Office and may be pending or registered in other countries—these and other marks of Research In Motion Limited are used under license.
No comments:
Post a Comment