Company News

Are you paranoid regarding your data and communications?

The Internet can be a virtual playground where one can truly honor and live up to the creed of Office Space’s Peter Gibbons, but it isn’t that sort of complacency this entry refers to.  Former CEO of Intel Andrew Grove warns us, “Success breeds complacency. Complacency breeds failure. Only the paranoid survive.”

Development of the Internet is one of the greatest successes of modern man.  The ability to instantaneously communicate across the globe, and access millions of brick and mortar libraries worth of data with a few clicks is an unrivaled accomplishment. So, following Andrew Grove’s logic, the magnitude of the success of the Internet will breed an equal magnitude of complacency and therefore an equal magnitude of failure.

Adding “be paranoid” to your daily task list seems like a recipe for an early retirement (a forced one). However, those who are paranoid – those that do not grow complacent with the success of current Internet functionality – will pioneer new successes and redefine what success means. Before innovation can occur the problems that breed in the environment of complacency must be identified.

world20network20large

One example of this is mobile use of the Internet.  The Internet was not engineered for mobility, but we forced it to be mobile – another great success – but now that produces problems. Currently, mobile communications are shoe-horned into the enterprise type communications theory in the mobile environment, thus enabling so called “Mobile Communications Capability”. Current fixed Internet protocols are reliable at less than 5% failure rates. These same protocols are by no means reliable in the mobile arena.

Most, if not all, mobile communicators experience a 10+ fold increase in failures while accepting this as a necessary part of the “new” way of communicating. This use of mobile communication, however necessary, poses extreme dangers to sensitive data .

The performance problems and barriers that the Secure Mobile Communications industry faces are exacerbated by hackers. Hackers target sensitive data and are clever enough to know the weaknesses created by using stationary Internet technology across the mobile public Internet. The stem of all of the ills of secure mobile comms is that the intelligence of routing decisions relies on publically accessible devices. This makes what are supposed to be secure comms inherently vulnerable to attack.

Spoofing, replay, black holing are all forms of attack that the current systems are susceptible to. Current VPN technology takes far too long to recognize a compromised tunnel and re-establish a new one. Mechanisms are not in place with current IPSEC technology that will allow for the dynamic re-establishment of tunnels based on compromised dependencies, such as an IP address changes, ARP table deviations, a break in the transport several hops away from the source and destination of the tunnel.  These are regular and expected deviations from “normal” fixed communications infrastructures you typically traverse.  These issues and other technologies compile into a performance and security nightmare for those responsible for guaranteeing authentication, integrity, and confidentiality of the data in transit.

There is no way to stop hackers from intercepting data. But devices and technology (secure protocols) acting in concert can recognize the interception and minimize the amount of data that is sent across a compromised tunnel.

In my next several posts, I will expand upon how and why current technologies fail to operate reliably and securely in the mobile environment. Ultimately, these discussions should clarify what changes can and need to be made to ensure secure communications in the mobile environment.

-Tom Morgan

Leave a Reply