Lockheed Martin confirms attack on its IT network. Lockheed Martin and RSA are serious players in network security. If they can be hit then your company can be hit. How then can outsourcing lower your risks instead of increasing them?

We have been very serious about network security at Telegenisys ever since our founding in 1994. We don’t have any SecurID tokens of the kind that were used in this attack. We don’t just blindly accept RSA’s word that their systems are totally secure so we should just trust them, because they’re not. We don’t have roving access. When our employees are on the job then they are in our secure facilities. That way we don’t have to worry about the security of home office PCs, because these are not part of our solutions.

And we do point to point connections using tried and true technologies, triple DES and IP restrictions. We are worried about quantum computer attacks, but we don’t think the currently offered solutions have been subjected to enough public scrutiny to be worth implementing. So if your security solution is only secure until the minute that somebody discovers how you do it, then don’t call us, we’re not interested.

Postscript

We have implemented RSA’s SecureID tokens at the request of one client for their process. We have insisted that the accounts secured by these tokens be limited to the the network addresses of our secure facility for an extra factor of protection. All of our access is of course monitored on both sides.