Achieving Operational Excellence in Government IT
Find the lowest price for a variety of products:

Featured Categories:
Digital Cameras
Home Theatre
Video Games
White Papers IT Jobs Events Research Premium Services Training & Certification Media Kit
   CIO Strategies
   Data Mining & Business

   DRM Watch
   Enterprise Applications
   Enterprise Resource

  New!Executive Tech
   IT Management Trends
   IT Research
   IT Service Management
   Network & Systems

   IT Management
   Editorial Staff

Search EarthWeb

Compare products, prices, and stores at Hardware Central!

Desktops, Mac & PC Notebooks, Monitors, Scanners, Webcams, PDA's, more...

Creativity Applications, Programming Tools, Internet & Communication Applications, more...

Digital Cameras & Accessories, GPS devices & Accessories, Camcorders, MP3 Players & Accessories, more...
Get the best price on Microsoft Visual Studio .NET Professional Edition or search for other development tools

Be a Commerce Partner
Promote Your Website
Search Optimization
Free Site Submission
Promotional Products
Send a Press Release
Live Sales Software
Best Deals on PDAs!
Dedicated Hosting
Compare Prices & Shop
Fax Over IP

An Event for Federal, State & Local Government Agencies
IT Management : Columns : Executive Tech

Related Articles
The Unclear Serial Bus -- A USB Mystery
- IT Service Management Newsletter -
IT Focus
Content Management Makes a Comeback

Driven by regulation and cost cutting, look for content management applications to take a place next to ERP and CRM as the next wave of enterprise 'must-have' software in 2004.

Content Management to Mature in '04

Choosing the Right CMS Solution: A Few Pointers

Email Management Emerging as Critical Corporate Need

Product Watch
Argentum Backup - Easy backup for your files and folders!
assyst Discovery - Help Desk & IT Service Management Software Solutions
East-Tec Eraser 2004 - Protect confidential data and privacy.
RAM Saver Pro - Easy-to-use RAM optimizer tool.
RemoteScope 2.0 Demo - Desktop management tool for your network

more products >>

Datamation Definitions
data mining
grid computing
network appliance
FREE Tech Newsletters


The Firewall and the Wandering Workers
November 17, 2003
By Brian Livingston

Brian Livingston Corporations that have strong firewall defenses didn't take long to figure out that their greatest threat was from employees who log on to their networks from outside the building.

With laptops, Palms, Pocket PCs, and even cell phones accessing your enterprise databases from God knows where, you're in for a nasty surprise one day if you're not using tough authentication measures before you let those devices communicate. An innocent-looking login might actually represent a malicious hacker posing as some vice president.

There's a whole new wave of solutions to this problem. Let's first look at the types of hardware offerings that are currently available:

Smart cards have been around for years, but are gaining new life as a way of letting your trusted employees into your network and keeping hackers out. The devices look and feel like an ordinary credit card. But they contain sophisticated electronics that can't be duplicated by script kiddies.

USB smart tokens are a new way to use smart card technology. One drawback of smart cards is that most computers and laptops don't have a slot to insert them. But most computers and laptops, and even many handhelds, have one or more USB slots. A USB smart token, about the size and shape of a house key (although thicker), can easily fit into one of these slots when an employee is out of the office but needs to log in to your network.

If you want to use USB smart tokens as well as smart cards, it's possible to combine both worlds. Plugging a small smart-card reader into a computer's USB port conveniently provides a home for an employee's smart card.

Authentication on the Fly

All tokens such as these serve at least one primary function. When someone is trying to log on to your corporate network from a distant location, what proof do you have that that person is really one of your authorized users? After all, they might be an intruder who captured a password over-the-air at a typically nonsecure wireless cafe.

Tokens handle this problem, not by storing passwords, but with much more sophisticated security. The process, overly simplified, goes like this:

Log in. When a user attempts to log in to the enterprise network from afar, the token — which is plugged into the laptop or handheld — sends the network a short, encoded string.

Challenge. The network server, reading the code, sends back a numeric string that represents a "challenge" that the token must solve.

Response. The circuitry within the token is able to convert the challenge string into a response that only it would be capable of generating. In combination with other measures, such as a password known only to the bearer of the token, this authenticates the person trying to log in, and he or she can then access network resources.

The Latest Tokens from Innovative Players

Numerous parties design and manufacture tokens, but the following have some of the most interesting new offerings:

Raak Technologies (pronounced "rock") specializes in making it easy for enterprises to obtain 1 to 5,000 smart cards or USB tokens — pre-customized for each roaming worker — without requiring your company to program and manufacture its own secure devices. A name-imprinted T8 USB Token from Raak lists for $64.95 and rapidly declines in price in larger quantities.

Aladdin Knowledge Systems offers its USB eToken in two encryption strengths to suit enterprises with varying needs. The company doesn't publish a price list, but an Enterprise Starter Kit with 10 eTokens, licenses, and software for setting up a trial project runs as low as $772, according to Mike Lang, Aladdin's vice president of channel marketing.

Athena Smartcard Solutions recently announced what it calls the first PC keyboard with an integrated smart-card reader and Flash upgradability. This will interest those companies that require the form factor of smart cards — which can hold employee photos and other ID that a USB token cannot — for their desk-bound employees who regularly need to prove their identity. Athena's ASEDrive III KB offers you developmental flexibility without the need to replace keyboards every time smart-card technology changes.


These are far from the only developments taking place to make remote computing as secure as in-house computing. The fact that the small SIM cards found inside all GSM-type cell phones are smart cards has prompted the formation of the WLAN Smart Card Consortium. This group — with heavy-hitting members such as Texas Instruments, Visa, and France's Alcatel — just last month released version 1.0 of an international standard to make wireless LANs, such as Internet cafes, secure for all who choose to use the specification.

When I see the nonexistent security at many wireless access points in hotels, airports, conference centers, and elsewhere, recommending that you set up smart tokens to authenticate your traveling workers is a no-brainer.

Brian Livingston is the editor of Brian's Buzz on Windows and the co-author of "Windows Me Secrets" and nine other books. Send story ideas to him via his contact page.

Executive Tech Archives

Get info on unique revenue share & strategic alliances
Jupiterweb networks

Search Jupiterweb:

Copyright 2004 Jupitermedia Corporation All Rights Reserved.
Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Corporate Info | Newsletters | Tech Jobs | E-mail Offers