Cyber Access Control | MFA Enterprise Password Management | Access Smart

Archive for Identity Theft,

Biometrics Are Less Secure Than Passwords

Biometrics give a false sense of security.

Biometrics authenticationOn Sept 23, 2015, Office of Personnel Management (OPM) revised the number of stolen fingerprint files to 5.6 million! Why should you care?

Some security pundits believe that biometrics are far more secure than passwords. They argue that since everyone has unique identifiers like their voice, iris, face and fingerprints, why not use these to authenticate a user in to a computer network? Sounds logical and from a theoretical perspective, it’s true. But major flaws become apparent during implementation. Read More→

Businesses Can Stop Identity Theft

87% of all business owners who seriously inquire about Power LogOn® end up buying it. Before I go into why, here are some new findings from Javelin Strategy & Research’s network access authentication partners for Access Smartlatest report 2013 Identity Fraud Report: Data Breaches Becoming a Treasure Trove for Fraudsters:

  • Identity fraud incidents and amount stolen increased—The number of identity fraud incidents increased by one million more consumers over the past year, and the dollar amount stolen increased to $21 billion, a three-year high but still significantly lower than the all-time high of $47 billion in 2004. This equates to 1 incident of identity fraud every 3 seconds. Read More→

Chicken Little Warns About Network Access Authentication

Network Access Authentication

Copyright: Walt Disney Productions

USB Smart Card Readers for Network Access Authentication are Still Safe.

A number of online computer news sites are abuzz about a security team’s prototype malware that hijacks USB smart card readers. It seems that a research team out of Luxembourg has issues a “Proof-of-Concept” malware attack that can take over your USB smart card reader. While any malware notice is important and needs to be monitored, business may be wondering the severity of the attack and if they need to rip out their smart card infrastructure because their network access authentication is in jeopardy.

Here are my thoughts:

  1. This is only a proof-of-concept and not a deployed attack.
  2. Every piece of computer hardware and software are susceptible to malware.
  3. Security relies on many barriers and layers. If you’re vulnerable to one attack you probably are vulnerable to many others.
  4. If the computer is vulnerable to malware, then other more dangerous programs will more likely be installed like key loggers or the Zeus Trojan Horse. In that case there is probably no need to attack the smart card since these other programs are far more destructive.

Conclusion:

Companies don’t need to rip out all their smart card readers and replace them with the expensive keypad ones. Smart card reader companies will look into the potential malware vulnerability and make whatever driver modifications necessary. IT needs to keep an eye out for any driver updates and install them.

Finally, security has many levels and points of attacks. If you are concerned about your company’s vulnerability then contact a consultant and ask for a security assessment. We list some leading companies on our site under the partners tab.

Ingersoll Rand Partners with Access Smart for Cyber Security

Ingersoll Rand Security Technologies / Access Smart Provide Cyber Security with Smart Cards

Affordable, smartcard based, enterprise password manager for Windows solution for network access authentication

cyber security begins with network access authenticationCARMEL, Ind – Sept. 6, 2012 – Ingersoll Rand Security Technologies, a leading global provider of security and safety solutions and manufacturer of contactless smart credentials and readers, announced that its aptiQ™ smart card users can now deploy the Access Smart® Power LogOn® as their password manager for Windows. No longer will employees have to self-manage their passwords, a practice which can easily lead to an expensive company security breach.

     “When employees self-manage their passwords, the network access authentication becomes very insecure. Passwords are written down, simple passwords are used and the same password is used for multiple sites and applications,” explains Dovell Bonnett, Access Smart founder and CEO. “IT administrators using Power LogOn in combination with aptiQ smart cards can now easily add secure network access authentication. Businesses of all sizes must comply with state and federal privacy protection laws and cyber criminals are aggressively targeting businesses. Power LogOn securely authenticates a user before they are allowed past the firewall.” Read More→

Employees Are Not Evil…

They Are Just Drawn That Way

PData security begins with network access authentication of employeesaraphrasing a line from Jessica Rabbit from the movie Roger Rabbit seems the appropriate comment from Geoffrey A. Fowler’s article “What’s a Company’s Biggest Security Risk? You.” Hence the headline: Employees Are Not Evil – They Are Just Drawn That Way. It is critical that employers be diligent in training their employees in online safety.

When your employees are online they are opening the door to danger. Be it opening phishing email attachments, writing passwords on sticky notes, plugging in USB drives found in the parking lot, using personal devices to access the company’s network, of hundreds of other social engineering attacks, data is the new currency of the internet age. And if it has value, there will always be someone wanting to steal it. Read More→