Worm Holes In The Broken Global Security Network

The answer may lie inside the device

A crucial starting point for any security solution is to have a strong foundation of trust in all endpoint devices. That starts by knowing that the PC has not been changed by a third party and extends to verifying the identity of the device itself. Organisations should seriously consider adding device identity as an independently managed layer to help protect their data. This device-based security solution offers significant protection, particularly for modern day organisations where workforces and their devices are mobile and move beyond the safety of the firewall. It will also play a key role as organisations continue to move towards the Cloud and prepare to face the unique security challenges that this evolution in IT infrastructure will present.

The Trusted Platform Module (TPM), a security chip attached to a computer’s motherboard, can provide this solution. It establishes automatic and transparent authentication of known network devices and users; and, because the TPM chip is physically part of the device, it is particularly suited for creating and verifying strong device identities and ensuring only authorised access to networks.

But this type of in-device security isn’t something for the future, it’s already here. About half a billion business grade PCs and laptops are already equipped with the technology and so the chances are your organisation already has the foundations to put these solutions into place. It’s perhaps no wonder then that the framework is being championed by major organisations, enterprises and governments across the globe.

A recent survey of organisations at the Trusted Computing Seminar in London indicates that 86 percent of companies plan to explore the deployment of TPM-based solutions in 2012.

Up until now many organisations have accepted data breach and any subsequent financial loss as a ‘cost-of-business’. As a result they’ve been reluctant to explore and adopt a new security standard. However the landscape is changing as the level of threat organisations are experiencing has risen sharply and the costs in terms of financial theft, but more importantly IP theft, are becoming unsustainable.

It’s only a matter of time before action is taken and very soon, governments too will be demanding a compliance solution that is true and proven. In fact, the EU is already looking at data regulation and compliance, and is expected to issue much more stringent legislation in due course.

Joseph Souren is the General Manager at Wave Systems EMEA.