Cyber security is a growing concern. Consider the Sony hack in November 2014, where personal information about Sony Pictures employees, their families, emails and more were released. On the heels of that hack came this summer’s White House Cyber Security Hack, where “more than 21 million Social Security numbers were compromised in a breach that affected a database of sensitive information on federal employees.”
You might be thinking, “What do either of these have to do with my facilities or maintenance department?” The answer of course is that no one wants his or her data compromised. In fact, in response to the White House breach, the White House CIO launched a 30-day Cyber Security Sprint to accelerate progress made in Federal agency efforts to protect information and assets.
So what are you doing to ensure that your Maximo data is secure? What considerations should you be taking to ensure that your data is not compromised? Here at Interloc, we have built our Mobile Informer platform with security at the forefront. Consider these factors.
No additional server software.
Additional servers mean additional points of failure. They also mean additional vulnerabilities and exposure to cyber attacks. Because the Mobile Informer platform sits inside of Maximo as a native Maximo application, there are no additional servers to concern yourself with. That means that you have no added points of vulnerability. Mobile Informer interacts directly with Maximo through the MIF (Maximo Integration Framework) web services that are secured over TLS (Transport Layer Security).
No data replication.
Causing data to bounce between additional servers inherently introduces a security risk. Consider at which points the data is encrypted. For instance, while data might be encrypted from the mobile device to the mobile server, is it equally encrypted from the mobile server to Maximo? Data that is replicated creates additional areas of vulnerability where it can be accessed and compromised. Mobile Informer sends data directly from the device to the Maximo MIF, thus keeping vulnerabilities at bay.
Multi-factor authentication is defined as a “security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction.”
An example of multi-factor authentication is using your username/password plus an additional method such as an RSA key or a Personal Identification Verification (PIV) card.
Multi-factor authentication is becoming increasingly more popular. In fact, as part of the recent “cyber security sprint” the White House CIO has mandated that government agencies must speed up the activation of multi-party authentication using their government issued PIV cards to access any data, including maintenance information.
Mobile Informer stands ready to support any organization that requires multi-factor authentication, including the use of PIV cards.
Wondering if your Maximo mobile data is secure? Scrambling to comply with your security regulations? Give Interloc a call; we’ll help to get you there!