With RPKI vulnerable and new mandates coming in, it’s time to put protections in place to secure your company data.
RPKI (Resource Public Key Infrastructure) is a security layer in BGP routing, providing a cryptographic method to connect Internet number resource information to a trust anchor. According to Phoenix NAP, Resource Public Key Infrastructure makes BGP more secure and reliable. The vulnerability of the Internet due to how BGP works is a systematic problem. With the growth of the Internet, the consequences are more noticeable.
ATHENE Calls RPKI Insecure
ATHENE (National Research Center for Applied Cybersecurity) is the largest research center for cybersecurity and privacy in Europe. ATHENE states that they have managed to find a way to break one of the basic mechanisms used to secure Internet traffic. The mechanism, called RPKI, was created to prevent cybercriminals or government attackers from rerouting traffic on the Internet. These redirections are actually very common on the Internet (for espionage or through misconfigurations, etc.). The scientist team of Prof. Dr. Haya Shulman at ATHENE displayed that attackers can entirely bypass the security mechanism without the affected network operators being able to detect this.
Creating Redundancy in Your Data Security
If we can agree that the main goal of cybercriminals is to steal data, then why aren’t companies creating redundancy in their data security posture? Especially when redundancy is apparent in every other aspect of the business.
“Redundancy of skills and access to information–including credentials, processes, and project status updates–is essential for your security team to weather the coming storm,” according to CSO Online.
Best practices ensure your company has backups of your systems, disaster recovery sites, and many other critical redundancies in place, but lack redundancy in the security of your most precious commodity – your data. By taking this risk, your organization is trusting something that is out of your control to handle the security of moving data, leaving you susceptible to attacks.
“Companies need to put protections in place that secure the actual data within applications. This allows you to maintain complete control of your data security, ensuring your company and customer’s data will be protected against vulnerabilities found in the operating system (OS), transport layer, and any other third-party mechanism,” states Aron Seader, Senior Director of Core Engineering at Eclypses.
Looking Towards the Future
The U.S. Department of Defense (DoD) already requires two layers of security for the movement of data. In the near future, we can expect this to become a best practice for the private sector too. This just highlights that what most companies are doing today will soon not be enough.
“Start now by preparing for the inevitable and implement a data security solution that protects your data constantly – no matter the data, devices, applications, OS, or communications involved,” comments Aron Seader.
To schedule a free 30-minute consultation with the Eclypses technical team, contact us here.