A debate among security experts asks: could passwords sent via mobile phone text messages (one time only) be more secure than traditional hardware tokens?
The numbers are staggering. About 750 million airline passengers must remove their shoes every year because one lone nut, Richard Reid (now a resident of a supermax prison in Colorado), once tried to blow up a plane with a shoe loaded with Pentaerythritoltetranitrate (PETN). The hordes of stamping stockinged feet notwithstanding, PETN is not detectable on the scanners used by airport security gatekeepers. A chemical test is needed.
Evidently the illusion of feeling secure is enough to calm skittish nerves. Sheer numbers tell their own story; a classic case of one bad seed spoiling the batch.
It calls to mind the seeds that were stolen from RSA SecurID tokens and subsequently used to attack Lockheed Martin and other unconfirmed defense contractors. These internal seeds comprise a secret key hard-coded into the token itself, and are the logical equivalent of a combination to a vault. Now 30,000 worried RSA customers are looking to have 35 million hardware tokens replaced.
Read the rest about SMS vs. Token security at eSecurity Planet.
One of the ways around the issues of security and control that make some businesses wary of cloud computing is to build a private cloud -- one that remains within the corporate firewall and is wholly controlled internally. Private clouds also increase the agility of IT an organization's IT infrastructure and make it easier to roll out new technology projects. Download this eBook to get the facts behind the private cloud and learn how your organization can get started.