The Reality of Data Security: Comparing Route1 to an OTP Token Solution

TORONTO, ONTARIO--(Marketwire - July 19, 2011) - In response to the recent outbreak of high-profile data security breaches, Route1 Inc. (TSX VENTURE:ROI) ("Route1" or the "Company"), a provider of leading security and identity management technology today issued the second of a series of briefing notes comparing solutions commonly used by governments and enterprises. Recent breaches at The International Monetary Fund, Citigroup, RSA, Lockheed Martin and Sony, among many others, underscore the vulnerability of networks to increasingly aggressive cyber-criminals, no matter how large or sophisticated the organization involved.

Many breaches occur as a result of opportunities created for cyber-criminals when legitimate users access networks remotely, or physically transport data from their network on portable storage devices or PCs. As data is transmitted between networks and remote users through the internet, it becomes vulnerable to man-in-the-middle attacks and malware. Portable storage devices and PCs are vulnerable to theft or hacking. The simplest of tasks, undertaken by remote users, can result in massive breaches.

Three questions must be answered to create a secure remote access solution that protects networks:

1. Access: Can people use the resources of the network wherever they are?
2. Data security: How can the organization ensure that its data cannot be accessed, stolen or tampered with by the wrong people?
3. Entitlement management: How does the organization ensure that only the right people can access the data and that only the right data is available to those people?

This briefing note demonstrates how Route1 answers these questions compared with OTP (one-time password) token solutions such as RSA's SecurID tokens.

The Route1 Solution

Route1's unique, integrated secure remote access solution offers many benefits, including the following:

• Keeps enterprise data within enterprise firewalls. Data is not moved outside the network
• Authenticates the individual user's identity using multiple factors. Many solutions authenticate against only the remote PC, not the user
• Offers remote users exactly the same access that they have at their office – they are actually working on their office computer in real time
• Protects against man-in-the-middle attacks and malware
• Requires no software installation on the remote PC – any internet-enabled PC can be used
• Leaves no footprint on the remote PC – no data is transferred, leaving nothing on the remote device
• Integrates seamlessly into existing IT infrastructure, requiring no additional servers or network upgrades or configuration changes
• Offers very quick installation on the host computer, supported by a highly regarded help desk

Route1's MobiNET platform, TruOFFICE software application, and MobiKEY device combine to deliver this unique bundle of benefits providing secure identity management and data access. The MobiNET provides universal identity and access management and is also the service delivery platform. It is driven by the identity of the user, not the PC they are using or where the data is housed. With a MobiKEY device, a user can be individually, consistently and accurately identified by the MobiNET platform. No data is stored on the device itself. If the device is lost or stolen, data and network security are not compromised.

The OTP Token Solution

OTP tokens are not a remote access solution. They are an identity management solution that must be added on to a remote access solution in order to provide comparable benefits to Route1. OTP tokens add a layer of security and authentication to a remote access solution and are often linked to VPN solutions. Organizations that combine OTP tokens with a remote access solution must piece multiple vendor technologies together, creating complex integration and implementation challenges as well as increased costs. Not only can the combined solution be challenging for organizations to implement and manage, it can also be inconvenient and cumbersome from a user perspective. This may be one of the reasons that many organizations use remote access solutions which offer convenience at the cost of security.

OTP tokens offer a two-step authentication process and have generally been considered to be relatively secure; however, that perception is now being widely questioned. In March 2011, RSA disclosed an attack on its systems which resulted in information related to its SecurIDs being compromised, and which could potentially allow the attackers to gain access as if they were in possession of the tokens. That attack is believed to have been directly responsible for the ensuing breach at Lockheed Martin, an RSA customer. Route1 does not use RSA SecurID technology and the architecture of the Route1 solution specifically protects against the kind of attack that affected RSA.

Route1		OTP Token Solution
• Real time access to the user's office desktop		• Contingent on the specific remote access solution being used in combination with the OTP token
• All data and files remain behind enterprise firewalls		• Depending on the remote access solution being used, data and files could be transferred to a remote PC and/or leave a footprint on that PC
• Absolutely no virus, malware or keyboard loggers get propagated into the client network		• Potential exists depending on the remote access solution being used
• No data footprint left on the remote PC		• Depending on the remote access solution being used, data or a footprint may be left on the remote PC. The OTP token does not protect against this
• Integrated identity management and remote access solution offering maximum ease of implementation and use		• Multiple vendors solutions pieced together to provide identity management and remote access with complexity of implementation and use and high cost
• Multi-factor authentication		• Two-factor authentication
• PKI (public key infrastructure) architecture and Root Certificate Authority (RCA) protections are not vulnerable to this type of attacks. Route1's RCA which is the foundation for Route1's solution is offline and powered off. Strict and lengthy security protocols are required to access the RCA		• Information critical to RSA SecurIDs was hacked by cyber-criminals leading to attacks on an RSA customer. Due to the nature of the solution this information has to be readily available at the moment of authentication, making it hard to protect

Attacks on enterprise networks and data will continue to increase, but so will the need for organizations to provide secure remote access to increasingly mobile work-forces. As enterprises and governments evaluate the wide range of solutions that purport to solve this critical need, they can test those solutions by judging how effectively they answer the three critical questions of Access, Data Security and Entitlement Management.

Upcoming briefing notes will discuss SSL VPN and Virtual Desktop Infrastructure (VDI).

ABOUT ROUTE1 INC.

Route1 delivers industry-leading security and identity management solutions to enterprises worldwide – businesses, government and military which need universal, secure access to all digital resources and sensitive data. These customers depend on The Power of MobiNET - Route1's communications and service delivery platform. MobiNET provides identity assurance and individualized access to networks and data. Route1's patented solutions are based on FIPS 140-2 cryptographic modules, and simplify the process of meeting increasingly stringent regulatory requirements for privacy and security. Headquartered in Toronto, Canada, Route1 is listed on the TSX Venture Exchange. For more information, visit our website at: www.route1.com.

This news release, required by applicable Canadian laws, and does not constitute an offer to sell or a solicitation of an offer to buy any of the securities in the United States. The securities have not been and will not be registered under the United States Securities Act of 1933, as amended (the "U.S. Securities Act") or any state securities laws and may not be offered or sold within the United States or to U.S. Persons unless registered under the U.S. Securities Act and applicable state securities laws or an exemption from such registration is available.

© Route1 Inc., 2011. All rights reserved. Route1, the Route1 and shield design Logo, SECURING THE DIGITAL WORLD, Mobi, MobiSecure, Route1 MobiKEY, Route1 MobiVDI, MobiKEY, MobiKEY IBAD, DEFIMNET, MobiNET, Route1 MobiNET, TruOFFICE, TruFLASH, TruOFFICE VDI, MobiKEY Fusion, EnterpriseLIVE, EnterpriseLIVE VO, MobiNET Agent and MobiKEY Classic, are either registered trademarks or trademarks of Route1 Inc. in the United States and or Canada. All other trademarks and trade names are the property of their respective owners. The DEFIMNET and MobiNET platforms and the MobiKEY, MobiKEY Classic and MobiKEY Fusion devices are protected by U.S. Patents 7,814,216 and 7,739,726, and other patents pending.