Twice the Security

For Bev Enke, an infrastructure support specialist in Columbia County, Wis., moving to a two-factor authentication system was simply a matter of adhering to the federal government's requirements for secure remote access over wireless.

Enke says once the county decided to move from its radio modem network and run over aircards, it had to adhere to the FBI's Criminal Justice Information Services (CJIS) security policy for remote access, which requires two-factor authentication.

Two-factor authentication -- which asks a user to present his or her password (what they know) and the unique ID code on the token (what they have) -- provides an extra layer of security beyond the usual password for network access.

To gain approval from the Justice Department, Enke had to map out exactly how the system would work and how remote officers would connect wirelessly. This detailed planning phase made the implementation go smoothly, so officers were up and running within a few months.

Now, the lieutenants, detectives and officers use cellular modems with a Utility Associates booster called the Rocket, which is essentially a wireless hub. The technology was deployed in 40 county squad cars, nine municipality squad cars and two units in the mobile command center. This setup is further enhanced by RSA SecurID tokens, which allow for remote access to the county's server via NetMotion Mobile VPN and Active Directory. Another 11 municipality squad cars will be deployed by mid-March.

"If you're in a situation like they are in the sheriff's department, you'll want something that's always going to be available and reliable," says Ant Allan, research vice president for security, risk, privacy and compliance at Gartner, an information technology research company.

All officers and detectives now use the new system. It offers easier network access and eliminates some of the administrative duties that sheriffs and detectives would normally have to do back at the office.

"It's like night and day," Enke says. "They can receive e-mail out in the cars now, which was something we were never able to do. Now they can spend more time out in the field."

Another Compliance Challenge Solved

RSA Secure ID tokens also resolved different compliance requirements for Logan Kleier, information security officer, in Portland, Ore.

The tokens were initially deployed two years ago to comply with the Payment Card Industry Data Security Standard (PCI DSS), which mandates security measures to ensure the adequate protection of cardholder data. This standard covers the secure collection of debit and credit card numbers that are used to pay for on-street parking and other permits.

"It resolved the compliance challenge, which was important," says Kleier. The tokens also provide secure network access for more than 1,000 city workers, all of whom need access to information inside the city's network.

The two-factor method paired nicely with the city's SSL VPN browser-based remote access. "When we switched over from an older remote access, we had a client-based form without two-factor authentication," Kleier says. "Only 200 people were using that, but with SSL VPN and the RSA tokens, we can support over 1,000 users."