How to Ensure Your SMS Carrier Isn’t the Weakest Link in Your Security Chain

For businesses and users alike, there has recently been a big security shift to two-factor authentication, and many companies are leaning on mobile devices to provide authentication codes in a timely manner for users.

The way it works is pretty simply. Once customers login using their usernames and passwords, they have to then authenticate their entry a second time by entering a code sent to their mobile device.

Companies all around the globe also rely on SMS for redundancy in communication when internet isn’t available, to ensure their communications are never disrupted.

With a lot of services relying on this method of authentication and redundancy, there has never been more pressure on you mobile accounts to stay secure. It’s important to make sure your SMS carrier isn’t the weakest link in your security chain by choosing a secure SMS gateway solution.

Why rely on SMS in the first place? Your information is valuable.

The number one method of communication is email—personal and business users alike across the web use it to communicate, as well as to authenticate accounts and send sensitive information.
This infographic from Krebson Security shows just how valuable your email account can be when hacked—pretty much all of your accounts are connected to your email, and it can be a little scary to realize what someone could access there:

Krebson also goes into detail about how valuable these account can be to a hacker:

“One prominent credential seller in the underground peddles iTunes accounts for $8, and Fedex.com, Continental.com and United.com accounts for USD $6. Groupon.com accounts fetch $5, while $4 buys hacked credentials at registrar and hosting provider Godaddy.com, as well as wireless providers Att.com, Sprint.com, Verizonwireless.com, and Tmobile.com. Active accounts at Facebook and Twitter retail for just $2.50 a piece.”

In addition to the monetary value, hackers are also disrupting businesses with security breaches, account turnovers and major customer data thefts. If your internet security fails, you’re vulnerable to communication failure as well as to a security breach.

SMS provides a secure and reliable alternative to email, while also complementing the easy use of email. Without SMS, you’re flying solo with email—every service you use probably requires an email address, and all security precautions can become undone if someone unwanted gets access.

Keep the second link in your chain secure—work with the right SMS software and hardware.

Hackers can get a hold of your passwords easily through your mobile provider without the right security precautions.

Reliance on a secure SMS gateway ensures your communications stay up and running through SMS, even when internet is down. The right SMS gateway will keep your information secure through the two-factor authentication process and support your business in the event of an internet disruption.

Naturally, both users and businesses want their methods of communication to be calm and dependable.
SMSEagle hardware SMS gateways send SMS messages directly to 3G network without using Internet connection. The gateway will work even if Internet connection fails. The SMSEagle gateway, once purchased, is located in your company premises. These assures you control over security and confidentiality of SMS communication. No matter the temperature or humidity conditions the hardware sticks with you.

If you care about quality and security, you need a reliable SMS gateway solution to ensure that your mobile carrier isn’t the weakest link in your security chain.

 

meganmorreale-headshot

Megan has been writing about enterprise technology, data, infosecurity and environmental technology for several years. Tweet her @MeganRoseM, or check out her blog: www.meganmorreale.com.

Redundancy and Automated Alerts Ensure Business Continuity?

In the UK and Ireland, you are made redundant when you lose your job. When something is redundant, it means that it is unnecessary, a duplicate of the existing. However, in networking and indeed business terms, having redundant options is a positive concept, as it refers to backup solutions that take over when the primary fails.

In a perfect world, where hardware often has a predetermined or estimated lifespan, companies will ensure that business continuity is possible for a wide range of ‘disasters’ whether these include loss of services, hardware failure, data loss or other unexpected events such as fire, flooding and severe weather conditions. These secondary solutions are known as redundant, backup or ‘failover’ solutions as their function is to assume control or allow the means to restore services when the primary goes down.

How important is redundancy for the average company? Is it feasible to guarantee 100 per cent uptime? What steps can companies take to minimise risk or downtime?

Obviously, due to budgetary constraints common to many companies, it is not possible to simply clone an entire IT infrastructure to ensure uptime in all areas. In any case, even if budgets are available, it does not make business or financial sense to do so. However, companies can take steps to protect themselves and reduce downtime risk.

Essential Services

In terms of business continuity, all companies are at the mercy of power companies and loss of power is a problem that faces everyone. It is solved by the use of uninterruptible power supplies (UPS) for every network device. Unfortunately, they are expensive and are not a long-term solution if power loss lasts more than a few hours. Generators will solve the problem and allow internal tasks to resume.

Given the likelihood that any blackout is not limited to your premises, you have also lost internet access, apart from internet-enabled mobile devices, of course.

It is for this reason that many companies utilise cloud services, with managed service providers for key customer-facing elements of the business, such as e-commerce websites, for example. The adoption of a hybrid IT infrastructure makes perfect sense and allows companies to continue working in the cloud until the on-premise network is back online.

In fact, according to a SolarWinds survey, 92 per cent of U.S. IT professionals claim that cloud adoption is important to their organisation. In addition, it is application, database and storage requirements that that drive increasing adoption. When only 6 per cent of have not migrated anything to the cloud, can you afford to ignore the benefits?

However, bear in mind that cloud migration does not eliminate on-premise network concerns as, in the same report, 60 per cent of respondents believe it’s unlikely that everything will be cloud-based, with security and compliance of the greatest concern. Therefore, downtime remains a tangible risk and automated network monitoring can certainly help.

Prompt Response is Key

How will you know if your network goes down? During the working day, it may well be blatantly obvious, as users will immediately contact IT when they can no longer access services. But what happens when IT are offsite or it’s after working hours?

Power loss is admittedly rare in developed countries but loss of broadband or network access is more regular and companies need immediate alerts if this happens, given that key business activities, both internal and external rely on them.

One option is a hardware SMS gateway, which alerts the parties responsible for network monitoring, whether these are on-premise or outsourced from a local IT company. Most importantly, as each gateway contains a SIM Card, alerts are sent even when an internet connection is not present. With a 3G option to facilitate communication, automated email alerts (in addition to SMS) are also possible due to inbuilt modems and watchdog mechanisms.

With such an alert mechanism in place, response time is reduced and your chosen IT professionals can solve the root cause faster, reducing downtime and loss of productivity.

How Much does Downtime Cost?

In many situations, reactive support is necessary, hence the requirement for an automated alert system. With power loss and internet connection issues solved, companies can take additional steps to maintain business continuity.

The big one is, of course, data loss due to hardware failure. Hard drives fail regularly and few companies operate without protecting their data by using real-time backups and regular offsite archiving. However, this is only a small part of the network redundancy options available and each companies needs to evaluate their redundancy strategy. Ask yourself how much it will cost if your internal network goes down for an hour. How about an entire day?

In factory production, for example, an hour could be very costly. In a small office, perhaps not so much. Therefore, weigh the costs of employing network redundancy at all points in the data path against the cost and perceived risk of failure.

Increase Redundancy?

Reducing risk factors is a key objective in business but is generally considered in budgetary terms. If the risk is low and the cost for a redundant feature far exceeds the possible costs of failure then it is not worth implementing.

For example, redundant measures could include but are not limited to:

  • Network cabling setup that facilities redundancy — ring protocols or redundant coupling, for example.
  • Managed switches that reroute connections if one path fails.
  • Redundant dedicated broadband connections from another service provider.
  • Multiple backup plans for servers and desktops.
  • Use of colocation servers and failover technology.
  • Backups for cooling, power, fire and water detection

In conclusion, 100 per cent network redundancy comes with a hefty price tag, requiring ongoing maintenance and management from professionals with a variety of skill sets. Even then, 100 per cent uptime is not guaranteed.

Large enterprises with dedicated data centres can handle these requirements but smaller companies simply do not have the budget or staff to support a fully redundant network. While theoretically, it is indeed better to be proactive, it is more cost-effective to put a preventative maintenance process in place and react to hardware problems as they occur, in accordance with a defined disaster recovery plan. When alerts are automated, what more is needed to reduce downtime?

 

 

bio-photo

Michael O’Dwyer is a Hong Kong-based business and technology journalist, independent consultant and writer whose stories have appeared on Forbes.com, The Street, IBM’s Midsize Insider, HP’S Pulse of IT, Dell’s Tech Page One and other IT portals, typically covering areas where business and technology intersect. He writes for both US and UK audiences and acts as a technology and open source advocate in his personal and professional activities. Twitter: @MJODWYERHK