Heartbleed is very dangerous, but not to Power LogOn.
This week the cyber security community has been a buzz about the OpenSSL vulnerability and the Heartbleed bug. This is a very serious problem and tech companies are scrambling to plug the holes, get patches out to companies and help them implement the fix.
I have been getting calls from our customers asking if the client / server communication channel in Power LogOn is safe from the Heartbleed bug. I’m happy to assure every Access Smart customer that the Power LogOn channel is secure.
There are many different security communication protocols available on the market. Access Smart’s engineers decided not to use or rely on the OpenSSL cryptographic functions. Instead we choose a different NIST FIPS 140-2 approved cryptographic library.
After the different websites have updated their OpenSSL and assigned new keys, IT administrators will want to update all employee passwords. This is very easy to do with Power LogOn. IT can change every password as frequently as they deem necessary without the employee having to know, remember or type them.
Security has always been a cat ‘n’ mouse game. Access Smart is constantly monitoring this and other vulnerabilities and when something happens we evaluate and make necessary adjustments.
Rest assured, the Power LogOn server channel is secure from the Heartbleed bug.
About Access Smart
Founded in 2005 and headquartered in Ladera Ranch, California, Access Smart, LLC is a one-stop-shop offering a wide range of Single Sign-On cyber access control products (software, licenses, cards and readers) to make network multi-factor authentication deployment fast, easy and inexpensive. We are dedicated to empowering businesses, agencies and institutions to securely regain control over their computers and networks at the point of entry. Authentication, authorization and non-repudiation do not have to be cumbersome to be effective. That’s why our products are designed using state-of-the-art security technologies while focusing on ease-of-use and low-cost-of-ownership.
Previously, smartcard technology was only affordable to large government agencies and Fortune 500 companies. Access Smart has turned that model upside down by utilizing existing infrastructures and matching the technology to the needs. For example: you can use existing badge technologies, you have no backend server modifications, there are no annual subscription fees, and all your licenses are transferable.
Please contact Access Smart for a no obligation consultation on how best to implement Authentication, Authorization and Non-Repudiation into your business. Access Smart – The Alternative to PKI.