If you’ve ever thought about cutting corners when purchasing identity access management (IAM) hardware, consider what happened in spring 2022 to the U.S. Department of Defense (DoD).
The Pentagon had allowed its employees and contractors to procure their own readers to use their Common Access Cards (CAC) for remote email access.
Unfortunately, when a single contractor purchased a $14.47 CAC smart card reader on Amazon, he unknowingly facilitated a phishing attack that stole $23.5 million in a single incident. This same breach also afforded illegal access to controlled spaces, computer systems and government networks.
As it turned out, the card reader purchased by the contractor required a software download from the manufacturer that was brimming with malware, making government networks vulnerable to cyberattacks. It was a true national security threat.
While the DoD was able to track down and recover its missing millions—and convict the cybercriminals on multiple counts—the lack of due diligence and willingness to purchase an unproven reader online for less than twenty dollars demonstrate the vulnerability of organizations that don’t adhere to strict security standards for every technology tool, including card readers.
The incident reveals why it’s imperative to work with a reputable partner who designs, manufactures and supports high-quality readers that are up to this critical job.
Cheap readers can be costly
You don’t need to be the DoD to be a target of malware installed on cheap, unproven security hardware. In fact, unauthorized access now accounts for 50% of all breaches, and the average cost of a data breach jumped to $9.5 million.* Unfortunately, any organization is susceptible—from large enterprises to healthcare, manufacturing, and small business.
Choosing the right reader is less worrisome when you partner with an organization committed to its products and the security of its customers.
rf IDEAS® offers more than 25 years of industry experience and an extensive partner network of IAM solution providers. This allows you to make the most of your current IAM infrastructure while adding the technologies you need to level up to two- or multi-factor authentication.
WAVE ID® readers enable you to incorporate industry-leading multi-factor authentication that eliminates weak passwords and PINs, and helps prevent costly breaches. In addition, you’ll find a wide range of form factors, mounting configurations, and credentials for your unique security requirements.
You can choose single-frequency, dual-frequency, mobile and biometric versions to read nearly any credential in use anywhere in the world, today and tomorrow.
For example, WAVE ID® Plus reads most global smart card or proximity card credentials and seamlessly fits into virtually any current system—saving you time and delivering workflow efficiency.
For the pinnacle of MFA security, the WAVE ID® Bio provides the highest level of security via MFA protocols that uniquely identify users wherever they go.
Laptop or tablet users can benefit from the WAVE ID® Nano that delivers all the features of desktop/surface-mount readers in an ultra-compact format for use with USB-A ports or smaller USB-C versions.
Finally, mobile users can select WAVE ID readers with Bluetooth® Low Energy technology to enable contactless authentication and cloud-based management.
All of these readers are currently used by some of the world’s most security-focused organizations in industry and government alike.
Protection starts with an ecosystem
Unlike the cheap, Amazon-bought reader that failed the DoD user, every rf IDEAS reader supports your identity ecosystem through convenience, data security, workflow efficiency, and regulatory compliance. The readers are designed to meet a growing list of government mandates including FIDO2, HIPAA, EPCS, CJIS, GDPR, and others.
In addition, rf IDEAS works with leading technology partners that can support your specific application. You benefit from simple access to software and service providers that can help you address virtually any authentication challenge, across any industry.
It’s cliché, but true: You get what you pay for. And when you consider just what is riding on your choice of readers, it’s clear that this critical piece of your overall security solution plays a much larger role than its relatively low price tag and compact size might indicate.
To learn more, contact an rf IDEAS representative here.
* ForgeRock 2022 Consumer Identity Breach Report
