Two-factor authentication makes C/S Group feel more secure
Alex Anderson, contributing editor -- Manufacturing Business Technology, 10/1/2003 12:00:00 AM
"The Internet is a bigger, more hostile environment today than ever before," says Michael Dyson, IT security manager for Lebanon, N.J.-based C/S Group. As parent company to more than 20 manufacturers of specialty building products around the world, C/S Group uses the Internet extensively to share applications and data with employees, customers, and partners.
"We have clients on every continent and they all use the Internet to communicate with us," says Dyson. "Standard security protocols are based on logins and passwords. The weakest link in the chain is the end user. People still use things like their birthdays and other personal information as passwords for their logins."
But there are solutions for organizations that want to enhance security. C/S Group implemented a security solution from Bedford, Mass.-based RSA Security that it says reduces its vulnerability to attacks.
C/S Group now requires that employees and sales representatives use RSA SecurID two-factor authentication before being granted access to any corporate application or data via the Internet. That means users must identify themselves two ways—using something they know (a PIN); and something they have (in this case, an RSA SecurID token resident on the system)—before they can access confidential information.
"Now we no longer have to worry about where they are. We've created an encrypted tunnel from their location right to our front door, and then there is a combination lock that gets recoded every 60 seconds," says Dyson.
