Monday, May 11, 2009

Tax Day and Security

April 15th is tax day for Americans. A day everyone just loves :-) When I think of April 15th, I think of security and how it is more important than ever. There is an article today that I just saw on Yahoo!

Hackers grabbed more than 285M records in 2008

  • By JORDAN ROBERTSON, AP Technology Writer - Wed Apr 15, 2009 12:05AM EDT

Jordan Robertson states: "Hackers made off with at least 285 million electronic records in 2008, more than in the four previous years combined, according to a new study that shows identity thieves are getting better at exploiting careless mistakes that leave companies vulnerable to attack."

The rest of the arrticle can be read here.

I believe the days of single factor authentication are over and the days of securing at the pipe level alone are over as well. As much as I am not a proponent of big government, I do think there are many valuable services that government has and will do for society. Does the Internet happen if not for DARPA funding? I don't think so. When I think of the right way to do identity management, I think of the DoD's Common Access Card (CAC) program.

Sun Microsystems was a big part of the CAC program and, we at Sun have taken a similar approach with our Java Card.

Now for a controversial suggestion :-) Have the US government follow DoD's lead and issue CAC to every single US citizen above the age of 6. I have kevlar underwear on for this one :-)

Getting away from policy and back to technology, two extremely important standards going forward for security will be SAML and XACML. More on those in coming days....

No comments:

Post a Comment