Telephone access to computers and other hardware is growing exponentially. Paralleling this is also the growth in illegal access. The reasons for this illegal access range from outright piracy to vandalism by current or ex-employees. Many times simply finding an open modem presents an open challenge to hacker groups, which often results in the intentional or unintentional corruption of some files. (Click here for more information)
Lock and Key Security
The requirement for caller authentication crosses every size of business and every industry line. Some of the main requirements for caller authentication in today's world are:
Access by customers, sales personnel, telecommuters, or anyone requiring authorized access.
Securing maintenance ports. This is the fastest growing requirement. As such, Security is also a part of many CPS remote access products.
Preventing exposure of the corporate LAN to unauthorized access as well as to unscrupulous web sites that may be accessed by unknowing or uncaring employees.
To add hardware to current password system to meet the requirement of "Two Factor Authentication".
CPS manufactures a number of different dial security products that are primarily used to AUTHENTICATE the caller and deny access to unauthorized callers.
These products are based on three primary methods of authentication:
The Challenge Response Concept
The CHALLENGER FAMILY of hardware security products connect to the analog side of the operative modems and operate on a LOCK and KEY principle. Any call to a modem with a LOCK connected to it, is challenged for the presence of the proper matchbox-sized user KEY connected to the caller's modem. Unauthorized calls and nuisance calls, without the proper KEY are defeated in less than ½ second. They are also never recorded as modem answered calls by war dialers or other monitoring systems. The encrypted challenge changes with each call. It may be used as a stand-alone authentication system or with current password systems for "two-factor authentication". It is 100% transparent to the hardware/software and to the user making it extremely easy to use while being very effective.
The Caller ID Security Concept
Caller ID was not developed for the purpose of providing dial line security, but with the proper hardware at the receiving end, it can be used for that purpose. It is not considered to be a high security approach, but is probably adequate for 90% of the requirements.
It has the cost advantage of not requiring any additional hardware at the calling locations. All that is required is buying the service from the local phone company and the appropriate CID recognition hardware at the receiving location. Its disadvantage is that it is not mobile. Calls must be made from the same, or a limited number of different locations.
Touch-Tones are the most economical method of accessing a secure system because no hardware or other means of identification is required at the caller's end. But like other passwords, they are the most easily compromised and they place the greatest burden on the caller (remembering them and missing entries). The burden increases with the number of digits required.
However, reducing the number of digits increases the risk of being hacked. As an example, a two digit numeric touch access code yields only 100 different combinations, four digits yield 10,000 combinations, six digits 1,000,000 combinations, and eight digits 100,000,000 combinations; add the * and the # sign or other sign on requirements and the numbers increase.
Nevertheless, Touch-Tone passwords do have their place. We recommend them for "pest control" in applications where they are used to simply screen out wrong numbers or low-level hacker attempts on relatively unimportant data or remote AC power or reset control lines. Higher level passwords (more digits) are normally used in modem applications where the password digits can be appended to a preset AT dial command.
Some of the products listed below include a combination of methods.
Matchbox-sized units. For smaller or widely dispersed dial networks. A "quick fix" for maintenance ports or to secure entire enterprises. The MASTER LOCK is used to program auxiliary units locally or remotely.
Provides modem security using CHALLENGER KEYs or CALLER ID. An RS-232 port provides great detailed reports. It is also used to program the authorization numbers into the unit. It may also simply be used for detailed audit reports.
External hardware switch that connects to the modem and the LAN. It breaks the LAN connection any time the modem is in use (inbound or outbound). It prevents LAN access through a dial modem connection. It is oriented toward PC clients and Servers that have both modem and LAN connections. External box or wall plate.