Network Access Control Solutions & Protection | Enterprise Password Management | Access Smart

Flawed Two-Factor Authentication

True Two-Factor Authentication

MFAFor years I have had many heated arguments with different security companies and CISO’s that getting an additional logon code from your phone or IM is not true Two-Factor Authentication (2FA). Here’s why and here’s my proof.

Why:

  1. Authentication is always from the guard’s, sentry’s or computer software’s logon perspective. These gatekeepers want to know if you have in your possession the multiple identifiers required to gain access. Many people mistakenly look at Multi-Factor Authentication (MFA) from the user’s perspective as to the number of items they present.
  2. There currently are three factors or forms of identification: Something you Have (i.e. card), Something you Know (i.e. Password or PIN), and Something you Are (i.e. fingerprint). Presenting using only one of these factors is called Single-Factor Authentication and in today’s world this is considered very weak authentication.As a side note, a new factor is being discussed: Somewhere you Are. This is using the GPS in your smartphone to determine your location and if that location meets your travel habits. Frankly, I find this form of identification disconcerting in that my movements are being tracked. But that is for an entirely different discussion.
  3. By definition of MFA you have to present two of more dissimilar factors like Card-PIN, Card-Fingerprint, PIN – Fingerprint, or Card-PIN-Fingerprint. Two is stronger than One, but Three is even stronger than Two.

Typing in a password and then a text PIN is a Know-Know response. That’s because the user is doing the presenting and the guard sees two things the person Knows. The guard never authenticates the phone, and phones can be cloned or messages intercepted. A fingerprint and a facial recognition is an Are-Are recognition. A membership card and credit card is Have-Have. At least if they used a driver’s license with a photo then they have the Are part because of the photo. These are all examples of Double-Single-Factor Authentication.

Read More→

Organizations don’t have a password problem,

they have a

Password Management ProblemUNTIL NOW!

Power LogOn Has a New Look

New-Look-of-Power-LogOn---web

Multi-factor Password Manager for Business

Ladera Ranch, CA – Dec. 1, 2015Access Smart, LLC today announced the new look for Power LogOn.  For security to be effective, it also has to be convenient. All the features are still there, but now in a more modern and streamlined look, making it even more convenient for the user.

We all get frustrated managing our computer logon passwords. Often we end up doing silly things like writing them down on sticky notes or using one very simple password everywhere. Power LogOn – multi-factor password manager for business, adds an extra layer of cybersecurity during the logon process into computers, networks, servers, websites, and applications.

A cyber-attack can cost a company about $248 per record stolen. That’s why cybersecurity must start before the firewall. Power LogOn is an enterprise level, security-enhanced password manager. The greatest cyber threat to any company is employee managed user names and passwords. With Power LogOn employees don’t need to generate, remember, type or manage any of their company’s many logon accounts. Power LogOn enables a company’s IT administrator to centrally manage all passwords to match their security policies without any employee interaction or interference.

Power LogOn meets a broad set of international and industry-specific compliance standards, such as FIPS 140-2, HIPAA, CJIS and many others. Our customers now extend their data security from the employee’s finger tips all the way to data storage. Access Smart’s Power LogOn serves government agencies, healthcare, large corporations, universities, and small to medium sized businesses. Whether you have a small office network, or a multimillion dollar enterprise, Power LogOn works. Power LogOn recently received recognition from Microsoft for securing their Windows 10, Internet Explorer 11, Azure, Office 365, SQL Server and Window Server products.

Here are just a few of the benefits of Power Logon®:

 

Convenience

  • Employees no longer have to remember, type or manage passwords.
  • Employees self-enroll from their own computers.
  • Combine with physical access for single access ID card to manage.
  • Reduces help desk calls to reset passwords by 70% or higher.

 

Security

  • Full multi-factor authentication.
  • Secure logon into Microsoft Windows, Azure, Office 365, SQL Server, Windows Server 2000 and above, websites, and other third-party applications.
  • Enterprise password manager with high security features to meet all government privacy compliancy laws.
  • Passwords are centrally managed by IT and not by employees.
  • Encrypted password files stay within the organization’s network, and are not stored in some third-party, big data server that hackers target.

 

Low cost of Ownership

  • Power Logon® can often be added to an organization’s existing employee access control ID badges. No re-issuance or re-calling badges.
  • Works with a number of card technologies like magnetic stripe, 125 kHz Proximity, 13.56 MHz RFID, contact smartcards, CAC, PIV, CIV, biometrics, NFC, and more.
  • Our API code is available for third-party software integration.
  • Licenses are transferable to manage employee turnover.
  • No annual renewal or subscription fees on licenses.

 

About Access Smart®, LLC

Founded in 2005 and headquartered in Ladera Ranch, California, Access Smart, LLC (a certified CA Small Business) is dedicated to empowering businesses, agencies and institutions to regain control over their computers and networks at the point of entry. Authentication, authorization and non-repudiation do not have to be cumbersome to be effective. If you would like to know more or interested in becoming a reseller, please visit our site at www.access-smart.com.

 

# # #

 

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

For more information, press only:

Access Smart LLC, (949) 218-8754, info@Access-Smart.com.

 

Note to editors:  If you are interested in viewing additional information on Access Smart or Power LogOn, please visit http://www.Access-Smart.com.

Power LogOn® now supports Windows 10

Access Smart® Improves Cybersecurity with Power LogOn – Multifactor Password Manager for Business.

Office-with-Power-LogOn---smallLadera Ranch, CA – Nov 10, 2015Access Smart, LLC today announced that the Power LogOn software now supports all versions of Windows 10 and Internet Explorer 11.  Power LogOn – multifactor password manager for business, adds an extra layer of cybersecurity during the initial logon process to Windows 10/IE11 with an efficient authentication solution. Now IT can keep passwords secure, and employees don’t have to manage passwords.

A cyber-attack can cost a company about $248 per record stolen. That’s why cybersecurity must start before the firewall. Power LogOn complements computer logon by adding on a security-enhanced password manager. The greatest cyber threat to any company is employee managed user names and passwords. To access the power of Windows 10/IE11, employees don’t need to type in their user name and password. By removing this cybersecurity vulnerability, Power LogOn puts the control of sensitive data back in the hands of IT professionals where it belongs. Read More→

Access Smart is taking an active role in Data Privacy

Data Security first starts with Data Privacy

Data PrivacyLast week I had meetings with aids of Senator Boxer (D-CA), Senator Feinstein (D-CA), Congressman Becerra (34th Dist., CA), Deputy Secretary Bruce Andrews  (U.S. Dept. of Commerce), and finally the leadership for the U.S. House Small Business to discuss my concerns about data privacy and why I support the LEADS (Law Enforcement Access to Data Stored Abroad) Act of 2015. Read More→