Data security plays a vital role in both our work and personal lives, but the challenges associated with keeping data safe are becoming far more complex.
Today’s AES (Advanced Encryption Standard) security technology might be considered ‘unbreakable’ based on current computing power, but that doesn’t mean we can rest on our laurels.
The challenge of identifying obsolete tech
How much technology do you still rely on in your business that could be considered obsolete?
If you don’t know the answer to that question, you’re not alone. It’s not always immediately obvious when a piece of technology has passed its security sell-by date - principally because it may simply be using an outdated protocol or standard.
For instance, the SHA-0 and SHA-1 hashing algorithms are intangible, but have been proven insecure and were replaced last year by SHA-2.
Then, there’s SSL (Secure Socket Layer), which was used to encrypt traffic flowing to and from websites. Introduced in 1996, it was replaced by TLS (Transport Layer Security) in 2015, in response to new rules put in place by the Payment Card Industry Data Security Standard.
Security standards keep advancing, and you may have multifunction printers, web assets and networking infrastructure that still rely on outdated security technology, which is why seeking the input of an expert is highly recommended.
The four-way Wi-Fi handshake
Wi-Fi is another example of the ever-evolving security landscape, and something that plays an important role in modern printing devices.
You may have heard of WEP, which was considered to be the secure standard by which to protect wireless communications. Unfortunately, it lasted only two years before being replaced by the Wireless Protected Access (WPA) protocol.
We’re now close to seeing the launch of WPA3, which aims to address the weakness that currently exists in the way wireless connections are established. By using a four-way handshake, WPA2 allows the access point and client to confirm that they both know a security key without ever exposing it - but it can be circumnavigated.
Under WPA2, hackers can still undertake what is known as an ‘offline dictionary attack’ to determine a Wi-Fi password. And, because routers only know the right password, their inability to distinguish legitimate network access from nefarious means the cybercriminal can enter the network without trouble.
Offline dictionary attacks are particularly dangerous, because they give the attacker the time and computing resource they need to guess passwords. It’s why print and network security is set for another evolution with WPA3.
Why passwords aren’t the answer
Does the future of print security simply mean we all need to register much stronger passwords to counteract vulnerable security protocols?
There’s no escaping the fact that having a strong password makes attacks on your work and personal data far less probable, but they’re cumbersome, difficult to remember and easily abused. This is why you should expect to see much greater advances in biometric security and two-factor authentication options as time progresses.
If you have a smartphone that grants you access by scanning your fingerprint or face, you’re also getting a glimpse at the future of print security.