From the Security Experts

August 20, 2008

CA, Arcot Combine Solutions to Fight Internet ID Theft, Fraud

By SIP Trunking Report Editor

Saying it’s combating an increasingly prevalent problem among Internet users, an Islandia, New York-based IT management software company today is unveiling a solution that it says will help businesses reduce the risk of online identity theft and fraud.

Officials from CA, Inc. say they’re joining Arcot Systems, which deals in Internet security, in bringing out a new risk-based authentication technology that will fight phishing and other Web attacks.
Under a reseller agreement with Arcot, CA says it will extend its suite of identity and access management products that help secure Web businesses and identities online – a sorely needed solution among financial institutions, government agencies and retail and healthcare organizations, according to Mark Diodati, a senior identity and privacy analyst with Burton Group.
“The integration of Web access management with risk-based authentication provides great synergies by enabling organizations to dynamically adapt to evolving threats, and improve their compliance posture,” Diodati said. “The use of stronger authentication with Web access management can also reduce risk and improve customer confidence.”
Specifically, CA officials say they’ll combine their company’s “SiteMinder Web Access Manager” with Arcot’s “RiskFort” to detect, assess and block thieves’ attempts.
Here’s how the two companies’ products will work together.
By comparing the context of current transactional requests with historical performance, and using statistics and analysis to identify abnormal activity, RiskFort calculates a risk score. CA SiteMinder can then grant or deny access, or initiate other actions based on the risk score and corporate security policies.
Internet users are facing many challenges as more and more personal information is spat out into cyberspace with the Internet’s proliferation through expanding networks and Web-ready devices.
Hacking into computers has produced an entire industry of spyware and anti-virus, protective software today. The industry grew with the proliferation of desktop and laptop computers.
Now, experts say, the rapid spread of cell phones and smart phones is presenting a new, serious threat that could compromise users’ privacy and the security of passwords for e-mail and even bank accounts.
“Right now, we’re at a real interesting point, and kind of a troubling point if you think about it,” Daniel V. Hoffman, a mobile security expert who works as chief technical officer at SMobile Systems, told TMCNet during a recent interview. “Everybody has some kind of device, what we’re holding now is more powerful than laptops were seven, eight years ago. There are not a tremendous amount of threats that are publicly known. We haven’t been a big event, like the ‘I love you’ or ‘Melissa’ virus, that everyone talks about. The reason for that is that these hackers don’t want to be loud.”
SMobile is a Columbus, Ohio-based company that develops security solutions for all mobile device platforms.
Hoffman says the company’s software products are unique in that they serve smaller businesses, whose workers may keep privileged information and carry out critical, private communications through devices such as smart phones.
An effective solution for SMBs looking for mobile security must encompass anti-virus, personal firewall and encryption features, Hoffman said. That’s a rare combination on today’s market, he said – even the hugely popular, much-hyped Apple iPhone 2.0 lacks that level of security, Hoffman said. He added that SMobile is developing the mobile security for the new 3G iPhone – as well as for Google’s widely anticipated Android mobile platform – and that those products likely will be available later this year.
According Bill Mann, senior vice president for CA Security Management, proving that a person is who he or she says she is on the Internet is critical for online transactions.
“Moving forward as Web 2.0, software-as-a-service, collaboration and social networks gain greater relevance for business, the demand for identity assurance will be even more critical,” Mann said. “CA SiteMinder and the addition of Arcot RiskFort gives customers a solution for risk-based authentication, identity assurance and application access that is easily and cost-effectively deployed.”
Don’t forget to check out TMCnet’s White Paper Library, which provides a selection of in-depth information on relevant topics affecting the IP Communications industry. The library offers white papers, case studies and other documents which are free to registered users. Today’s featured white paper is The Compelling ROI Benefits of Contact Center Quality and Performance Management Technologies, brought to you by Voice Print International.

Michael Dinan is a contributing editor for TMCnet, covering news in the IP communications, call center and customer relationship management industries. To read more of Michael´┐Żs articles, please visit his columnist page.

Edited by Michael Dinan