Enterprise Password Management System

Archive for data security

Password security done right by LivingSocial

By Dovell Bonnett · Comments (0)
Wednesday, May 1st, 2013

Accept it; cyber-attacks are happening to your company too. 

passwordYou may have seen in the news that LivingSocial recently experienced a cyber-attack where 50 million customers’ name, email address and password were exposed.  While that news typically makes the headlines, what is not being emphasized is everything that LivingSocial did right to safeguard their customer’s personal data.

 

Accept it; cyber-attacks are happening to your company too.  The hacker’s strategy is to prey on the psychology of employees.  Spear phishing, watering hole attacks, social media and poisoned SEO sites s are just some of the weapons of choice.  According to Symantec, businesses in 2012 with 2,500 or fewer employees were the targets of 50 percent of the attacks, and those businesses with fewer than 250 employees accounted for 31 percent of the attacks.  Here are some other 2012 statistics to confirm the statement that, “there are two types of businesses, those that have been hacked and those that don’t know it yet:” Read More→

Comments (0)
Categories : Cyber Security, Multifactor Authentication, Password Authentication, Password Management
Tags : , , , , , , , ,

Are your customers asking you for a Logical Access Solution?

By Dovell Bonnett · Comments (0)
Wednesday, April 24th, 2013

Looking for a Logical Access Partner to handle all the IT concerns?

Logical AccessWe had a great presence at the ISC West 2013 conference in Las Vegas.  One recurring theme we heard from ID resellers was their desire to offer their existing customers a value add, card based, logical access solution for network security. 

I want to help you secure these new logical access business opportunities.

Companies, healthcare and government agencies are looking for multifactor cyber access control because of the increase in data breaches, implementation of privacy laws like HITECH, HIPPA and CJIS, and their overall concern for network security.  Our Power LogOn cyber access control allows you to add logical access to almost any type of ID badge your currently sell. And best of all, it only takes a few hours to install.

Access Smart wants to be your IT security partner.  It is our policy to work with you so you can offer your customers a multi-factor cyber access control solution.  Here is my promise to you:

     1.  You retain full ownership of your customer.

     2.  You will be a reseller of our Power LogOn.

     3.  We will assist you and your customer on all IT integration, training and support.

Logical access control does not need to be scary, cumbersome, or expensive when you have a partner with 20-years of industry experience.  If you are interested in expanding your business, up selling your existing customers and increasing revenue at no risk to your business, then please call me to learn more.

Data security begins with cyber access control. Cyber access control begins with Power LogOn.

 

Keep up with Cyber Access Control by subscribing to our blog headlines.

Best regards,

Dovell Bonnett
Founder and CEO
Access Smart, LLC
E: Dovell@access-smart.com
W: www.access-smart.com
P: 949-218-8754

Comments (0)
Categories : Cloud Security, Cyber Security, Cyber Warfare, Data Security, Multifactor Authentication, Online Security, Password Authentication, Password Management, physical access
Tags : , , , , , , , , , , ,

Trust Google with your Physical Access?

By Dovell Bonnett · Comments (0)
Tuesday, April 23rd, 2013

Industry Buzz about NFC Technology for Physical Access

NFC Physical AccessI have always believed that any two competing technologies have their advantages when placed in the proper environment. Whether it’s a contact versus contactless smartcard, or NFC versus RFID card, both can do the same function but which is it the best use of the technology?  For example, contact smartcards are horrible for physical access due to reader wear and exposure to weather environment. 

 

I often see a company who falls so in love with their technology that they forget to understand the customer’s problem.  They are playing the game of “technology looking for a problem.”  That is what NFC for physical access may be doing.

  Read More→

Comments (0)
Categories : Cyber Security, Data Security, physical access
Tags : , ,

Access Smart Shows Cyber Access at ISC West 2013

By Dovell Bonnett · Comments (0)
Friday, March 22nd, 2013

Cyber and Physical Access on One Card

Visit us at the Ingersoll Rand Booth #20029

Security experts agree that multi-factor authentication is the best way to safeguard against cyber attacks. Now businesses, agencies and institutions can secure the two most important front doors: The building and the computer network. Access Smart delivers a very extensive product offering where employees will no longer have to remember, type or know their computer passwords. Cyber security begins with network access authentication, and network access authentication begins with Power LogOn.

Access Smart will be demoing Power LogOn – Cyber Access Control work with aptiQ physical access in Ingersoll Rand’s booth #20029 at ISC West 2013 in Las Vegas. Click here to read our Data Sheet “Cyber and Physical Access Control – One Card

 Cyber Access Control

Comments (0)
Categories : Cyber Security, Cyber Warfare, Data Security, Data Theft Prevention, Healthcare, Hospital Information System, Identity Theft, Industrial Espionage, Multifactor Authentication, Online Security, Password Authentication, Password Management, Power LogOn, Smartcards, Social Networking
Tags : , , , , , , , , , , , , , , , , , , , ,

HITECT MultiFactor Authentication for McKesson HIS

By Dovell Bonnett · Comments (0)
Thursday, February 14th, 2013

Multifactor Authentication required by HIPPA & HITECH

Multifactor authenticationAccess Smart® adds multifactor authentication to McKesson’s Paragon Hospital Information System (HIS) software. Access Smart’s Power LogOn® application requires no modifications to the Paragon software so integration is fast and easy. With Power LogOn, hospitals, clinics and other health-care providers can now address their HIPAA and HITECH compliance concerns while protecting patient’s private records. “You can’t have the health-care reform act without electronic health records,” says Judy Hanover, a health-care technology industry analyst at IDC. True, but you can’t have privacy without first authenticating who is accessing your electronic health records.

Access Smart analyzed the Paragon HIS software and quickly updated Power LogOn to now auto-launch Paragon, auto fill-in the user name and password fields, and auto shutdown Paragon when the smart card is removed. Furthermore, Power LogOn ties into Active Directory so virtually any computer, network, internet site, cloud and application that requires a user name and password can easily be secured by the same smartcard. Power LogOn can also be added to RFID access control cards for a single card solution. Read More→

Comments (0)
Categories : Cyber Security, Healthcare, Hospital Information System, Multifactor Authentication, Password Authentication, Password Management, Smartcards
Tags : , , , , , , , , , , , ,

HIPAA Healthcare Data Breach Fines Climb

By Dovell Bonnett · Comments (0)
Monday, January 14th, 2013

HIPAA Healthcare Data Breach Fines Climb With Enforcement Boost

Re-Post By Robert Westervelt, CRN 1:48 PM EST Tue. Jan. 08, 2013

HIPAA Healthcare pays millionsMillions of dollars in fines associated with alleged violations of the Health Insurance Portability and Accountability Act have been doled out over the last six months, a sign, according to experts, that HIPAA enforcement is shedding light on the fact that the industry lags behind others when it comes to information security.

Healthcare organizations in Massachusetts and Idaho are the latest to agree to the fines for failing to protect sensitive patient data under the Health Insurance Portability and Accountability Act.

The former owners of a medical billing practice in Massachusetts and four pathology groups agreed to pay $140,000 for improperly disposing of medical records. The names, Social Security numbers and medical diagnoses of 67,000 patients were discovered in documents at a town waste transfer station. Read More→

Comments (0)
Categories : Cloud Security, Cyber Security, Data Security, Healthcare, Hospital Information System, Multifactor Authentication, Password Management, Power LogOn
Tags : , , , , , , , , , ,

Secure Your SAP Data with HSPD-12 Multifactor Authentication

By Dovell Bonnett · Comments (0)
Wednesday, January 9th, 2013

Power LogOn® Enhances Information Security of SAP® Data – Capabilities Study

HSPD-12 SAP DATASAP is the market leader in Enterprise Resource Planning (ERP) software solutions that include customer relationship management (CRM), product life management (PLM), supply chain management (SCM), supplier relationship management (SRM), and more.  SAP applications and services enable over 197,000 customers to operate profitably, adapt continuously, and grow sustainably.  With all that valuable and sensitive information, an IT administrator’s other concern is securing it to HSPD-12 compliance levels. 

Access Smart believes that for information security to be effective, it must never be cumbersome for the employee to use; otherwise, productivity decreases and eventually, security is compromised.  Passwords are still the most cost effective way to authenticate access to computer data.  However, employee managed passwords are the weakest link.  Access Smart’s Power LogOn is a multifactor, password manager solution for cyber access control that enables Information Technology (IT) administrators to secure and centrally manage all employees’ passwords.

 Implement HSPD-12 Government Privacy Compliance Regulations:

Strong, multifactor authentication for logical access has never been more important than now.  In many heavily regulated sectors like government, healthcare and finance, the government has legislated privacy protection.  By law, businesses, institutions and agencies must protect their customer’s personal information and IT environment from unauthorized access.  All these laws recommend two-factor authentication to secure data.  Since SAP manages most of this information, care must be taken that employees don’t circumvent security practices for their own convenience by writing password on sticky notes or using the same password everywhere.  Employee managed passwords can result in hefty fines for non-compliance of these privacy laws. Read More→

Comments (0)
Categories : Cyber Security, Data Security, Multifactor Authentication, Password Management
Tags : , , , , ,

Cyber Authentication – Google Weak on Password Management Systems

By Dovell Bonnett · Comments (0)
Thursday, December 13th, 2012

When it comes to cyber authentication, the weakest link is the user.

Cyber authenticationCyber authentication is a hot topic in today’s world of Malware, Cyber Warfare, BYOD, Cloud Computing and Hackers. In a recent Google Password Management blog, “Google Password Management Tips To Increase The Security Of Your Accounts” they asked if your Gmail account is safe. They then give seven tips on how to improve password security. These tips, while basically correct, are so old and have been said ever since the first password was issued that they fail to address the real problem: the human element.

We all know the problems with passwords: there are to many, they need to be complex, IT makes you change them every 90-days, and we can’t remember them all. These Google tips should also be classified as: Policy, Technique, or Management. Security typically is weaker when people are expected to securely “manage” the  ”techniques.” Finally, even if you followed all these Google tips you still will be vulnerable because of the password cracking tools and attacks being used. While some are saying that password security is dead. I full disagree since passwords are one of the fundamental cyber authentication methods. So let’s review these tip. Read More→

Comments (0)
Categories : Cloud Security, Cyber Security, Cyber Warfare, Data Security, Identity Theft, Multifactor Authentication, Online Security, Password Authentication, Password Management, Social Networking, Uncategorized
Tags : , , , , , , , , ,

Cyber Warfare Protection Start With Cyber Authentication

By Dovell Bonnett · Comments (0)
Sunday, December 2nd, 2012

Cyber Security begins with Network Access Authentication

Network Access AuthenticationMy first Law of Computers took a step backwards on November 20, 2012 with the announcement of the Pentagon’s new Cyber Warfare Central proposed by DARPA, Code Name “PlanX”.  The Pentagon is giving birth to a brand new, baby branch. Besides the Army, Navy, Air Force, Marines and Coast Guard we now have the Geeks. I wonder if their anthem will be the theme from Star Trek and the service men and woman will use the famous “three finger salute” to honor each other.

The DARPA proposal states:

DARPA is soliciting innovative research proposals in the area of understanding, planning, and managing military cyber operations in real-time, large-scale, and dynamic network environments. Plan X will conduct novel research into the nature of cyber warfare and support development of fundamental strategies needed to dominate the cyber battlespace. Proposed research should investigate innovative approaches that enable revolutionary advances in science, devices, or systems. Specifically excluded is research that primarily results in evolutionary improvements to the existing state of practice.

Cyberspace is the new battlefield as I blogged about earlier. Identity theft has migrated into cyber warfare. It’s no longer about governments attacking governments, armies against armies, or radicals against governments. Everyone and everything is a target: civilians, corporations and infrastructure are part of the cyber battlefield. The cyber warriors are found in their home basements, internet cafes, etc..

Network access has to begin before the firewall. Plan X only emphasizes the demand to implement my second Law of Computers – Law #2: Computers must first positively authenticate the user, determine that user’s rights and privileges, and leave an accountability record before executing its programs.

 

See FoxNews article, Inside ‘Plan X’:’ The Pentigon’s Plan for cyberweapon central for more cyber warfare information

Comments (0)
Categories : Cloud Security, Cyber Security, Cyber Warfare, Data Security, Multifactor Authentication, Password Authentication, Password Management
Tags : , , , , , , ,

Chicken Little Warns About Network Access Authentication

By Dovell Bonnett · Comments (0)
Tuesday, November 20th, 2012
Network Access Authentication

Copyright: Walt Disney Productions

USB Smart Card Readers for Network Access Authentication are Still Safe.

A number of online computer news sites are abuzz about a security team’s prototype malware that hijacks USB smart card readers. It seems that a research team out of Luxembourg has issues a “Proof-of-Concept” malware attack that can take over your USB smart card reader. While any malware notice is important and needs to be monitored, business may be wondering the severity of the attack and if they need to rip out their smart card infrastructure because their network access authentication is in jeopardy.

Here are my thoughts:

  1. This is only a proof-of-concept and not a deployed attack.
  2. Every piece of computer hardware and software are susceptible to malware.
  3. Security relies on many barriers and layers. If you’re vulnerable to one attack you probably are vulnerable to many others.
  4. If the computer is vulnerable to malware, then other more dangerous programs will more likely be installed like key loggers or the Zeus Trojan Horse. In that case there is probably no need to attack the smart card since these other programs are far more destructive.

Conclusion:

Companies don’t need to rip out all their smart card readers and replace them with the expensive keypad ones. Smart card reader companies will look into the potential malware vulnerability and make whatever driver modifications necessary. IT needs to keep an eye out for any driver updates and install them.

Finally, security has many levels and points of attacks. If you are concerned about your company’s vulnerability then contact a consultant and ask for a security assessment. We list some leading companies on our site under the partners tab.

Comments (0)
Categories : Cloud Security, Cyber Security, Data Security, Multifactor Authentication, Online Security, Smartcards
Tags : , , , , , , , , , , , ,
Next Page »

Follow Us on

Friend me on FacebookFollow me on TwitterAdd me to your circlesJoin my network on LinkedInFollow my company on LinkedInRSS Feed

Sign up for our mailing list.

Tweets


cyber security
cyber security
SiteLock

 

 

Power LogOn offers computer data security, computer access security, low cost of ownership, IT budget savings, compliance to the privacy protect laws, and more. It is the affordable alternative to PKI.


A single computer breach is now estimated to cost over $7.2 million per incident. The most overlooked security threat is not from outside, It’s your own employees! IT security policies may be making companies more insecure.


Over 90% of all computers, networks and web accounts use passwords. Power LogOn offers a low cost of ownership: 1) Test using our Administrator SDK; and 2) Customize card, reader and license orders.