Welcome!

Microservices Expo Authors: Dalibor Siroky, Liz McMillan, John Worthington, Automic Blog, Don MacVittie

News Feed Item

Route1 Comments on the Impact of Recent, Significant Data Security Events

MobiKEY Users remain Unaffected by Heartbleed Bug and Increased Litigation Risk

TORONTO, ONTARIO -- (Marketwired) -- 04/23/14 -- Route1 Inc. (TSX VENTURE:ROI), a leading provider of secure access technologies for the mobile workspace that protects businesses and government agencies and whose customers include the U.S. Department of Defense, the Department of Homeland Security, the Department of Energy and the Government of Canada, today released a statement on recent, important developments pertaining to corporate data security and Enterprise Mobility Practices.

NJ Court Ruling: FTC Authority

On April 7, 2014, U.S. District Judge Esther Salas of New Jersey affirmed that the Federal Trade Commission could proceed with its lawsuit against Wyndham Worldwide Corp. as a result of the company's failure to safeguard customer information, which resulted in multiple breaches of personal information. The ruling is a significant step towards holding organizations legally liable for failing to implement and enforce proper security controls for sensitive data.

As part of its thought leadership program, Route1 routinely speaks with its senior-level government and private sector clients to identify trends and emerging challenges in the market. As a result of these interactions Route1 issued a white paper on the possible legal implications of BYOD security policy in September 2013. Judge Salas' decision reinforces the assertions made in the white paper: poor data security policy will ultimately lead to legal action against an organization.

Tony Busseri, Route1 CEO, noted, "The New Jersey court's ruling confirms our assertion that legal consequences are a very concrete risk that organizations accept when settling for inadequate data security measures. As evidenced by Judge Salas' decision, proper technological controls must be put in place to ensure the security of sensitive information. Information Security can affect the financial well-being of the entire organization and thus ceases to simply be an IT function. Boards and executive management teams can no longer ignore the topic."

In pursuit of increased productive enterprise mobility initiatives are often rolled out without proper consideration of the two most common risk vectors leading to data breaches: Lost or stolen devices and USB sticks on one side, and the propagation of malware or viruses via compromised remote assets on the other side. Reducing these risks through policy has proven to be ineffective. Instead we are seeing organizations seeking to implement technology that allows them to unlock the productivity gains of BYOD and mobile access while neutralizing these risk vectors. High assurance access to enterprise resources can be enabled without actually downloading data to the remote devices. This way all sensitive data stays within the enterprise network and its established security controls. The cost effectiveness of this approach is self-evident. Instead of spending time and money on managing and controlling the remote asset, you simply ensure its identity, restrict its access and never let it cache or download anything.

The Heartbleed Bug: The end of single factor authentication

The New Jersey Court's decision coincides with the recent discovery of the widespread Heartbleed Bug. The Heartbleed Bug is a flaw in the OpenSSL open-source encryption implementation that is used across roughly two-thirds of available Internet services and website. The full extent of the fallout from the Heartbleed Bug is still unfolding, but it poses the very real possibility that untold millions of usernames and passwords, that were used only once with a vulnerable internet service are now in the hands of malicious parties.

Mr. Busseri continued, "Verizon just released its 2013 Data Breach Investigation Report and confirms that stolen passwords are used by hackers in the majority of data breaches. With Heartbleed we now have a situation where you need to assume that all of the limited number of passwords your employees use have been compromised on a web service that uses OpenSSL. Accordingly, you have to implement multifactor authentication when granting mobile access to corporate data. This is now a priority that simply cannot wait. Our customers continue to belief that integration of smart card technology is the easiest, most user-friendly, reliable and cost effective way to do so."

MobiKEY, Route1's flagship technology, meets all the named requirements. It features a smartcard enabled, cryptographic USB device or smartcard reader to ensure that employees leave no trace or evidence of their computing session when remotely accessing sensitive data. All enterprise files stay within the corporate network, simplifying security policy enforcement. Most importantly, MobiKEY does not require any changes to your IT infrastructure; instead it integrates with deployed technologies and can be rolled out in a matter of hours.

If a MobiKEY is lost or stolen, enterprise networks cannot be compromised in any way - unlike other portable devices that can be used to store sensitive data and can easily put organizations at risk. Just as a cell phone service can be suspended or cancelled when loss or theft occurs, digital certificates issued to MobiKEY can be temporarily suspended or revoked.

By providing airtight protection against data loss, MobiKEY enables organization to unlock the productivity gains of BYOD and mobile access without exposing them to the embarrassing and costly effects of prolonged litigation. Ultimately, MobiKEY provides enterprises with stability - technologically, legally and financially.

Mr. Busseri adds, "Complex times do not require complex solutions but rather simple ones that directly address the core problems of data security. Keeping sensitive data within the enterprise network via MobiKEY is such a solution. MobiKEY unlocks the productive gains that mobility promises without exposing organizations to the risk of data loss or litigation."

ABOUT ROUTE1, INC.

Route1 enables the mobile workspace without compromising on security. Its flagship technology MobiKEY uniquely combines secure mobile access, with high assurance identity validation and plug-and-play usability. Remote and mobile workers are able to securely and cost effectively access their workspace from any device without exposing the organization to the risk of data spillage or malware propagation. MobiKEY customers include Fortune 500 enterprises as well as the U.S. Department of Defense, the Department of Homeland Security, the Department of Energy and the Government of Canada. Headquartered in Toronto, Canada, Route1 is listed on the TSX Venture Exchange.

For more information, visit our website at: www.route1.com.

This news release, required by applicable Canadian laws, does not constitute an offer to sell or a solicitation of an offer to buy any of the securities in the United States. The securities have not been and will not be registered under the United States Securities Act of 1933, as amended (the "U.S. Securities Act") or any state securities laws and may not be offered or sold within the United States or to U.S. Persons unless registered under the U.S. Securities Act and applicable state securities laws or an exemption from such registration is available.

Neither the TSX Venture Exchange nor its Regulation Services Provider (as that term is defined in the policies of the TSX Venture Exchange) accepts responsibility for the adequacy or accuracy of this release.

© Route1 Inc., 2014. All rights reserved. Route1, the Route1 and shield design Logo, SECURING THE DIGITAL WORLD, Mobi, MobiSecure, MobiLINK, Route1 MobiKEY, Route1 MobiVDI, MobiKEY, MobiKEY IBAD, DEFIMNET, MobiNET, Route1 MobiNET, TruOFFICE, TruFLASH, TruOFFICE VDI, MobiKEY Fusion, MobiNET Aggregation Gateway, MobiNET Switching Array, MobiNET Secure Gateway, EnterpriseLIVE, EnterpriseLIVE Virtualization Orchestrator, MobiNET Agent, MobiKEY Classic and MobiKEY Classic 2, are either registered trademarks or trademarks of Route1 Inc. in the United States and or Canada. All other trademarks and trade names are the property of their respective owners. The DEFIMNET and MobiNET platforms, the MobiKEY, MobiKEY Classic, MobiKEY Classic 2 and MobiKEY Fusion devices, and MobiLINK are protected by U.S. Patents 7,814,216 and 7,739,726, Canadian Patent 2,578,053, and other patents pending.

Other product and company names mentioned herein may be trademarks of their respective companies.

Contacts:
Route1 Inc.
Tony Busseri
CEO
+1 416 814-2635
[email protected]
www.route1.com

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

@MicroservicesExpo Stories
The nature of test environments is inherently temporary—you set up an environment, run through an automated test suite, and then tear down the environment. If you can reduce the cycle time for this process down to hours or minutes, then you may be able to cut your test environment budgets considerably. The impact of cloud adoption on test environments is a valuable advancement in both cost savings and agility. The on-demand model takes advantage of public cloud APIs requiring only payment for t...
Agile has finally jumped the technology shark, expanding outside the software world. Enterprises are now increasingly adopting Agile practices across their organizations in order to successfully navigate the disruptive waters that threaten to drown them. In our quest for establishing change as a core competency in our organizations, this business-centric notion of Agile is an essential component of Agile Digital Transformation. In the years since the publication of the Agile Manifesto, the conn...
identify the sources of event storms and performance anomalies will require automated, real-time root-cause analysis. I think Enterprise Management Associates said it well: “The data and metrics collected at instrumentation points across the application ecosystem are essential to performance monitoring and root cause analysis. However, analytics capable of transforming data and metrics into an application-focused report or dashboards are what separates actual application monitoring from relat...
The benefits of automation are well documented; it increases productivity, cuts cost and minimizes errors. It eliminates repetitive manual tasks, freeing us up to be more innovative. By that logic, surely, we should automate everything possible, right? So, is attempting to automate everything a sensible - even feasible - goal? In a word: no. Consider this your short guide as to what to automate and what not to automate.
We just came off of a review of a product that handles both containers and virtual machines in the same interface. Under the covers, implementation of containers defaults to LXC, though recently Docker support was added. When reading online, or searching for information, increasingly we see “Container Management” products listed as competitors to Docker, when in reality things like Rocket, LXC/LXD, and Virtualization are Dockers competitors. After doing some looking around, we have decided tha...
It’s “time to move on from DevOps and continuous delivery.” This was the provocative title of a recent article in ZDNet, in which Kelsey Hightower, staff developer advocate at Google Cloud Platform, suggested that “software shops should have put these concepts into action years ago.” Reading articles like this or listening to talks at most DevOps conferences might make you think that we’re entering a post-DevOps world. But vast numbers of organizations still struggle to start and drive transfo...
Enterprises are adopting Kubernetes to accelerate the development and the delivery of cloud-native applications. However, sharing a Kubernetes cluster between members of the same team can be challenging. And, sharing clusters across multiple teams is even harder. Kubernetes offers several constructs to help implement segmentation and isolation. However, these primitives can be complex to understand and apply. As a result, it’s becoming common for enterprises to end up with several clusters. Thi...
Many enterprise and government IT organizations are realizing the benefits of cloud computing by extending IT delivery and management processes across private and public cloud services. But they are often challenged with balancing the need for centralized cloud governance without stifling user-driven innovation. This strategy requires an approach that fundamentally reshapes how IT is delivered today, shifting the focus from infrastructure to services aggregation, and mixing and matching the bes...
Cavirin Systems has just announced C2, a SaaS offering designed to bring continuous security assessment and remediation to hybrid environments, containers, and data centers. Cavirin C2 is deployed within Amazon Web Services (AWS) and features a flexible licensing model for easy scalability and clear pay-as-you-go pricing. Although native to AWS, it also supports assessment and remediation of virtual or container instances within Microsoft Azure, Google Cloud Platform (GCP), or on-premise. By dr...
"Codigm is based on the cloud and we are here to explore marketing opportunities in America. Our mission is to make an ecosystem of the SW environment that anyone can understand, learn, teach, and develop the SW on the cloud," explained Sung Tae Ryu, CEO of Codigm, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
High-velocity engineering teams are applying not only continuous delivery processes, but also lessons in experimentation from established leaders like Amazon, Netflix, and Facebook. These companies have made experimentation a foundation for their release processes, allowing them to try out major feature releases and redesigns within smaller groups before making them broadly available. In his session at 21st Cloud Expo, Brian Lucas, Senior Staff Engineer at Optimizely, discussed how by using ne...
"CA has been doing a lot of things in the area of DevOps. Now we have a complete set of tool sets in order to enable customers to go all the way from planning to development to testing down to release into the operations," explained Aruna Ravichandran, Vice President of Global Marketing and Strategy at CA Technologies, in this SYS-CON.tv interview at DevOps Summit at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Let's do a visualization exercise. Imagine it's December 31, 2018, and you're ringing in the New Year with your friends and family. You think back on everything that you accomplished in the last year: your company's revenue is through the roof thanks to the success of your product, and you were promoted to Lead Developer. 2019 is poised to be an even bigger year for your company because you have the tools and insight to scale as quickly as demand requires. You're a happy human, and it's not just...
"Opsani helps the enterprise adopt containers, help them move their infrastructure into this modern world of DevOps, accelerate the delivery of new features into production, and really get them going on the container path," explained Ross Schibler, CEO of Opsani, and Peter Nickolov, CTO of Opsani, in this SYS-CON.tv interview at DevOps Summit at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, discussed how data centers of the future will be managed, how the p...
DevOps teams have more on their plate than ever. As infrastructure needs grow, so does the time required to ensure that everything's running smoothly. This makes automation crucial - especially in the server and network monitoring world. Server monitoring tools can save teams time by automating server management and providing real-time performance updates. As budgets reset for the New Year, there is no better time to implement a new server monitoring tool (or re-evaluate your current solution)....
While we understand Agile as a means to accelerate innovation, manage uncertainty and cope with ambiguity, many are inclined to think that it conflicts with the objectives of traditional engineering projects, such as building a highway, skyscraper or power plant. These are plan-driven and predictive projects that seek to avoid any uncertainty. This type of thinking, however, is short-sighted. Agile approaches are valuable in controlling uncertainty because they constrain the complexity that ste...
"This all sounds great. But it's just not realistic." This is what a group of five senior IT executives told me during a workshop I held not long ago. We were working through an exercise on the organizational characteristics necessary to successfully execute a digital transformation, and the group was doing their ‘readout.' The executives loved everything we discussed and agreed that if such an environment existed, it would make transformation much easier. They just didn't believe it was reali...
"We're developing a software that is based on the cloud environment and we are providing those services to corporations and the general public," explained Seungmin Kim, CEO/CTO of SM Systems Inc., in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
The cloud revolution in enterprises has very clearly crossed the phase of proof-of-concepts into a truly mainstream adoption. One of most popular enterprise-wide initiatives currently going on are “cloud migration” programs of some kind or another. Finding business value for these programs is not hard to fathom – they include hyperelasticity in infrastructure consumption, subscription based models, and agility derived from rapid speed of deployment of applications. These factors will continue to...