Network Access Control Solutions & Protection | Enterprise Password Management | Access Smart
Enterprise Password Management | Cyber Access Control

CAC – Second Issue Focuses on Healthcare Security

CAC – Cyber Security for the Business Owner

CAC - Helathcare's Cyber Security StruggleAccess Smart announces the release of our second issue of CAC (Cyber Access Control) Magazine. The second issue of CAC focuses on the security concerns that healthcare providers face to protect patient medical information per the U.S. government’s HIPAA regulations.  Because security is a process and not a product, I have brought together many contributors to discuss these aspects.

HIPAA compliance is not easy, there are different  facets to it, and numerous other regulations for compliance.  For example there is employee training, physical security, electronic security, approved policy & procedure documents, encryption, electronic health records (EHR), and the list goes on.  Since security is made up of many parts, it only takes one weakness to bring the entire house down.  

Cyber Security MagazineThe cover art was picked to demonstrate the ultimate cost associated with a data breach.  HIPAA and the many other data privacy protection laws are complex and confusing; ignorance and non-compliance will no longer be tolerated by government authorities as an excuse for a breach.  Finally, while monetary fines and penalties amounting to millions of dollars are likely, there is also the threat that upper management will face prison time.   

The best course of action is to start educating yourself from these different industry experts.  Learn how they secure the healthcare market from their specialized point of view.

The conclusion I want you to come away with is that you first need to consult with trained security specialists and perform a total risk assessment.  Next, implement the technologies to fill any vulnerabilities.  Finally, once the security is in place have an insurance plan that covers your practice or business in case there is an attack.

You probably advise your patients to get an annual physical to identify any potential health risks before they develop into major complications.  Well, the same advice is true with your network security.  Once a breach occurs, the recovery costs back to wellness will be very high.  So please, get annual computer checkups so it’s not you on the cover.  

I hope you find the CAC valuable. To subscribe, simply click here.

 

Power LogOn is Heartbleed safe.

Power LogOn Heartbleed secureHeartbleed is very dangerous, but not to Power LogOn.

This week the cyber security community has been a buzz about the OpenSSL vulnerability and the Heartbleed bug.  This is a very serious problem and tech companies are scrambling to plug the holes, get patches out to companies and help them implement the fix.

I have been getting calls from our customers asking if the client / server communication channel in Power LogOn is safe from the Heartbleed bug. I’m happy to assure every Access Smart customer that the Power LogOn channel is secure.

There are many different security communication protocols available on the market. Access Smart’s engineers decided not to use or rely on the OpenSSL cryptographic functions.  Instead we choose a different NIST FIPS 140-2 approved cryptographic library.

After the different websites have updated their OpenSSL and assigned new keys, IT administrators will want to update all employee passwords.  This is very easy to do with Power LogOn.  IT can change every password as frequently as they deem necessary without the employee having to know, remember or type them.

Security has always been a cat ‘n’ mouse game. Access Smart is constantly monitoring this and other vulnerabilities and when something happens we evaluate and make necessary adjustments.

Rest assured, the Power LogOn server channel is secure from the Heartbleed bug.

About Access Smart

Founded in 2005 and headquartered in Ladera Ranch, California, Access Smart, LLC is a one-stop-shop offering a wide range of Single Sign-On cyber access control products (software, licenses, cards and readers) to make network multi-factor authentication deployment fast, easy and inexpensive. We are dedicated to empowering businesses, agencies and institutions to securely regain control over their computers and networks at the point of entry. Authentication, authorization and non-repudiation do not have to be cumbersome to be effective. That’s why our products are designed using state-of-the-art security technologies while focusing on ease-of-use and low-cost-of-ownership.

Previously, smartcard technology was only affordable to large government agencies and Fortune 500 companies. Access Smart has turned that model upside down by utilizing existing infrastructures and matching the technology to the needs. For example: you can use existing badge technologies, you have no backend server modifications, there are no annual subscription fees, and all your licenses are transferable.

Please contact Access Smart for a no obligation consultation on how best to implement Authentication, Authorization and Non-Repudiation into your business. Access Smart – The Alternative to PKI.

Cyber Access and Physical Access Demo at ISC West

You don’t have to be an IT sepecialist to offer your customers cyber access security. 

Cyber Access Control Single Sign-OnIf you are interested in combining physical access with cyber access contol then please drop by the Allegion booth (#20031) at the ISC West show in Las Vegas for a live demo.  Access Smart will be demonstrating a contactless Single Sign-On solution that works with Mifare, Prox of RFID technologies.  Employees will no longer have to remember, type, generate or know any company logon passwords.  Your IT administrator can now be in control and remove the weakest link in their security procedures, the employee managed password.

Here’s what you’ll see:

  1. Use the same aptiQ or prox card for contactless Single Sign-On (SSO) and physical access.
  2. Multi-factor authentication that meets the US Government’s security specifications.
  3. Licenses are transferable.  Builds on your existing IT architecture.  No annoying subscription fees.

Cyber security begins by authenticating who is accessing the network. Now you can offer your customers a one-card solution that secures a company’s physical and virtual doors. Drop by the Allegion booth #20031 to see how easy it is to combine physical and cyber access on the same card.

 

 

Cyber Security at ISC West 2014

Cybersecurity access at ISC West

Cyber Security and Physical Access on One Card.

Visit us at the Allegion Booth #20031

Cyber Security at ISC WestSecurity experts agree that multi-factor authentication is the best way to safeguard against a cyber attack.  Now businesses, agencies and institutions can secure the two most important front doors: The building and the computer network. Access Smart adds Single Sign On (SSO) cyber access control to aptiQ or Prox employee  ID badges.  Now employees will no longer have to remember, type or know their computer passwords.

Access Smart will be demoing Power LogOn – Cyber Access Control with aptiQ physical access in Ingersoll Rand’s booth #20029 at ISC West 2013 in Las Vegas. Click here to read our Data Sheet “Cyber Security and Physical Access Control – One Card

Cyber security begins with network access authentication, and network access authentication begins with Power LogOn.

Christmas Cyber Attack – Who’s to Blame?

A cyber attack Scrooged Christmas. Treat security as a process – not as a product!

cyber attack

 In reading articles about the resent Christmas cyber attacks, the authors’ key take away is that global companies are extremely vulnerable to cyber-attacks and data losses.  Guess what, so too are the small and medium size businesses.  Every business, healthcare service, government agency and educational institution is vulnerable since they all use many of the same technology components. So who’s to blame

 These last few weeks I have been asking the questions: “Who do you think should be held accountable for all the cyber breaches: the Merchants or the Technology companies?”  The responses have been most enlightening. Some blame the business owners, others the IT managers, some the technology companies, and some say all the above. Read More→