Security Trends to Watch in 2010 – Symantec

November 30, 2009 · Filed Under Security Software, Software News · 1 Comment 

Symantec  2010 Security Predictions

Antivirus is Not Enough – With the rise of polymorphic threats and the explosion of unique malware variants in 2009, the industry is quickly realizing that traditional approaches to antivirus, both file signatures and heuristic/behavioural capabilities, are not enough to protect against today’s threats. We have reached an inflection point where new malicious programs are actually being created at a higher rate than good programs. As such, we have also reached a point where it no longer makes sense to focus solely on analyzing malware. Instead, approaches to security that look to ways to include all software files, such as reputation-based security, will become key in 2010.

Social Engineering as the Primary Attack Vector – More and more, attackers are going directly after the end user and attempting to trick them into downloading malware or divulging sensitive information under the auspice that they are doing something perfectly innocent. Social engineering’s popularity is at least in part spurred by the fact that what operating system and Web browser rests on a user’s computer is largely irrelevant, as it is the actual user being targeted, not necessarily vulnerabilities on the machine. Social engineering is already one of the primary attack vectors being used today, and Symantec estimates that the number of attempted attacks using social engineering techniques is sure to increase in 2010.

Rogue Security Software Vendors Escalate Their Efforts – In 2010, expect to see the propagators of rogue security software scams take their efforts to the next level, even by hijacking users’ computers, rendering them useless and holding them for ransom. A less drastic next step, however, would be software that is not explicitly malicious, but dubious at best. For example, Symantec has already observed some rogue antivirus vendors selling rebranded copies of free third-party antivirus software as their own offerings. In these cases, users are technically getting the antivirus software that they pay for, but the reality is that this same software can actually be downloaded for free elsewhere.

Social Networking Third-Party Applications Will be the Target of Fraud – With the popularity of social networking sites poised for another year of unprecedented growth, expect to see fraud being leveraged against site users to grow. In the same vein, expect owners of these sites to create more proactive measures to address these threats. As this occurs, and as these sites more readily provide third-party developer access to their APIs, attackers will likely turn to vulnerabilities in third-party applications for users’ social networking accounts, just as we have seen attackers leverage browser plug-ins more as Web browsers themselves become more secure.

Windows 7 Will Come into the Cross-Hairs of Attackers - Microsoft has already released the first security patches for the new operating system. As long as humans are programming computer code, flaws will be introduced, no matter how thorough pre-release testing is, and the more complex the code, the more likely that undiscovered vulnerabilities exist. Microsoft’s new operating system is no exception, and as Windows 7 hits the pavement and gains traction in 2010, attackers will undoubtedly find ways to exploit its users.

Fast Flux Botnets Increase – Fast flux is a technique used by some botnets, such as the Storm botnet, to hide phishing and malicious Web sites behind an ever-changing network of compromised hosts acting as proxies. Using a combination of peer-to-peer networking, distributed command and control, web-based load balancing and proxy redirection, it makes it difficult to trace the botnets’ original geo-location. As industry counter measures continue to reduce the effectiveness of traditional botnets, expect to see more using this technique being used to carry out attacks.

URL Shortening Services Become the Phisher’s Best Friend - Because users often have no idea where a shortened URL is actually sending them, phishers are able to disguise links that the average security conscious user might think twice about clicking on. Symantec is already seeing a trend toward using this tactic to distribute misleading applications and we expect much more to come. Also, in an attempt to evade antispam filters through obfuscation, expect spammers to leverage shortened URLs shorteners to carry out their own evil deeds.

Mac and Mobile Malware Will Increase – The number of attacks designed to exploit a certain operating system or platform is directly related to that platform’s market share, as malware authors are out to make money and always want the biggest bang for their buck. In 2009, we saw Macs and smartphones targeted more by malware authors, for example the Sexy Space botnet aimed at the Symbian mobile device operating system and the OSX. Iservice Trojan targeting Mac users. As Mac and smartphones continue to increase in popularity in 2010, more attackers will devote time to creating malware to exploit these devices.

Spammers Breaking the Rules – As the economy continues to suffer and more people seek to take advantage of the loose restrictions of the CAN SPAM Act, we’ll see more organizations selling unauthorized e-mail address lists and more less-than-legitimate marketers spamming those lists.

As Spammers Adapt, Spam Volumes Will Continue to Fluctuate – Since 2007, spam has increased on average by 15 percent. While this significant growth in spam e-mail may not be sustainable in the long term, it is clear that spammers are not yet willing to give up as long an economic motive is present. Spam volumes will continue to fluctuate in 2010 as spammers continue to adapt to the sophistication of security software, the intervention of responsible ISPs and government agencies across the globe.

Specialized Malware – Highly specialized malware was uncovered in 2009 that was aimed at exploiting certain ATMs, indicating a degree of insider knowledge about their operation and how they could be exploited. Expect this trend to continue in 2010, including the possibility of malware targeting electronic voting systems, both those used in political elections and public telephone voting, such as that connected with reality television shows and competitions.

CAPTCHA Technology Will Improve – As this happens and spammers have a more difficult time breaking CAPTCHA codes through automated processes, spammers in emerging economies will devise a means to use real people to manually generate new accounts for spamming, thereby attempting to bypass the improved technology. Symantec estimates that the individuals employed to manually create these accounts will be paid less than 10 percent of the cost to the spammers, with the account-farmers charging $30-40 per 1,000 accounts.

Instant Messaging Spam - As cybercriminals exploit new ways to bypass CAPTCHA technologies, instant messenger (IM) attacks will grow in popularity. IM threats will largely be comprised of unsolicited spam messages containing malicious links, especially attacks aimed at compromising legitimate IM accounts. By the end of 2010, Symantec predicts that one in 300 IM messages will contain a URL. Also, in 2010, Symantec predicts that overall, one in 12 hyperlinks will be linked to a domain known to be used for hosting malware. Thus, one in 12 hyperlinks appearing in IM messages will contain a domain that has been considered suspicious or malicious. In mid 2009, that level was 1 in 78 hyperlinks.

Non-English Spam Will Increase – As broadband connection penetration continues to grow across the globe, particularly in developing economies, spam in non-English speaking countries will increase. In some parts of Europe, Symantec estimates the levels of localized spam will exceed 50 percent of all spam.

Source: Symantec Corp

Tags: , , , , , , , , , , , , ,

IBM introduces new software to accelerate workload movement to System z

November 23, 2009 · Filed Under Business Software, Productivity Software, Software News · Comment 

IBM announced 10 new software products to help companies lower application management costs by optimizing the System z mainframe for more workloads, such as data analytics, collaborative application development, application maintenance and other key business processes.

Given System z’s ability to reduce costs through server consolidation, IBM and the industry have aggressively extended the breadth of new workloads for the mainframe via 3,800 z/OS-based and 3,000 Linux-based applications. The unique ability of the mainframe to host many application services on one system has helped System z achieve one of the industry’s lowest application costs per user. Minimal application costs are important for companies which rely on multiple applications to run their business.

The new products span IBM’s software portfolio to provide a range of benefits for System z customers. The benefits include optimal application connectivity, productivity, security and data management.

The new offerings complement IBM’s recent announcement of seven integrated hardware, software and services packages — IBM System z Solution Editions — to help customers deploy new enterprise workloads, such as data warehousing, electronic payments and disaster recovery.

The new products include:
– IMS 11 provides direct SQL access to IMS data from any distributed platform. This simplifies and speeds the process of connecting applications and data, while also enabling easier data replication and change capture processes. Enhanced Java support expands the number of developers available to support IMS applications and business services.

– New products from WebSphere to enhance business process management, connectivity and integration including: WebSphere Process Server for z/OS V7, IBM WebSphere ILOG Business Rule Management Systems, WebSphere MQ for z/OS V7.0.1, WebSphere Message Broker for z/OS V7.0, and IBM Problem Determination Tools V10. These products are designed to help clients discover insights that enable innovation, maximize the value of business interactions, and optimize productivity and resources. For a full list and description of the new WebSphere products visit: www.ibm.com/smartwork/businessagility

To help clients cut application maintenance costs, IBM offers:
– IBM Rational Developer for System z version 7.6 provides a modern GUI development environment, to increase developer productivity and lower the costs associated with maintaining and building multi-platform applications. The new offering helps attract next-generation workers, consolidates multi-language development into a single environment and dramatically reduces CPU usage of up to 50 percent, minimizing budget
expenditures.
– IBM Rational Team Concert for System z version 2.0 uses a new common repository to help teams to work together, share assets, automate processes and deliver software faster. The software expedites response times and cuts costs by consolidating disparate development team infrastructures and automating software development across multiple platforms, which is important for tiered applications.

– An enhanced set of IBM Rational Compilers for C/C++, COBOL and PL/I reduce application MIP requirements, while increasing developer productivity and reducing both capital expense and overall development costs.

To help clients gain better insights about enterprise assets and lower network management costs, IBM offers:

– Tivoli Asset Discovery for z/OS removes unused and obsolete software and helps determine software usage to plan effectively for the future and to run smarter systems.
– IBM Tivoli NetView for z/OS 5.4 improves network and automation control for data centers and change management. It provides an understanding of how network availability and events impact the business, helping customers deliver smarter, more automated systems.
– IBM Tivoli zSecure provides a mainframe security solution for automated analysis and reporting of mainframe events and compliance dashboards that lower auditing costs helping companies run a smarter more cost effective system.

Telcordia, Sodifrance and HVB Unicredit are among the companies worldwide already benefiting from the long-term economics of the System z platform.

“Telcordia’s data systems are designed to provide consistently high throughput all the time. Each system averages five million transactions per day, supporting an average of 250 gigabytes of active data,” said Paul Gandolfo, a senior technical specialist in application development and performance at Telcordia. “Our customers bet their businesses on the services we provide, and we bet our service performance and reliability on IBM’s Information Management System. Downtime is not an option.”

“Building an agile development team requires a multiplatform approach and Sodifrance uses Rational Developer for System z and Rational Team Concert for System z to help application teams synchronize their efforts and improve collaboration,” said Hugh Smith, project manager of Sodifrance. “Rational on System z offers a powerful and valuable combination for any company that wants to boost its development team’s productivity.”

“Programmers that are using Rational Developer for System z have found that development is more comfortable than with our existing set of development tools,” says Almut Geiger of HVB Unicredit. “Debugging in particular is much faster. Features like syntax checking, content assist, multiple views and error identification make development easier. For example, when there were coding errors before, a developer had to find the correct line number in the code and then try to determine what was wrong with the code. Now they just click on an icon, and they are led directly to the position of the error. It takes people some time to get familiar with a new environment, but when they become familiar with Rational Developer for System z, we are seeing an estimated 15 percent increase in development efficiency and a 10 percent increase in testing efficiency.”

System z, visit http://www.ibm.com/mainframe

System z software, visit http://www.ibm.com/software/os/systemz

Source: IBM

Tags: , , , , ,

BitArmor launches new managed encryption software service

November 20, 2009 · Filed Under Security Software, Software News · Comment 

BitArmor offers integrated e-mail, USB and disk encryption solution delivered from the cloud

BitArmor, a leading provider of information-centric encryption software, today announced the availability of BitArmor DataControl 4.0, which includes delivery of encryption software as a managed service. The new service is the industry’s first integrated USB, e-mail and full disk encryption solution delivered from the cloud. BitArmor Managed Encryption is well suited for mid-market businesses, saving them time, money and deployment headaches while providing military-grade encryption to prevent data breaches and comply with state and federal data privacy regulations.

– Easy to afford – Saves tens of thousands of dollars
– Easy to deploy – Leverages existing infrastructure, no additional hardware required
– Easy to use – Encryption is completely transparent to users
– Easy to manage – Enterprise class security without the hassles

“A significant number of PCs and media devices carrying business-critical data aren’t properly encrypted, and this state of affairs is certain to cause disasters for enterprises,” said John Girard, VP and distinguished analyst in Gartner’s Info Security and Privacy Research Center. “Statistical odds suggest that this will happen to virtually every organization, whether small, midsize or large.”

Unlike large corporations, mid-market businesses do not always have the budget, IT resources or infrastructure in place to protect their data with enterprise-class security strategies and technologies. Through BitArmor’s SaaS (Security as a Service) delivery model, all customers can benefit from the advantage of commercial-grade, enterprise-class encryption and affordable data security.

“A.I.M. Mutual is committed to setting the standard in service excellence for our customers, which includes being on the forefront of addressing key data protection issues like the new Massachusetts’s Privacy Law,” said Ray Pata, Manager Systems and Programming of A.I.M. Mutual Insurance Companies, one of the top providers of workers compensation in Massachusetts and an “A” rated financial institution by AM Best Company. “BitArmor Managed Encryption is a great security model as it provides very strong but highly affordable encryption so A.I.M. Mutual can continue to protect our key assets in a fiscally responsible manner.”

“Our customers operating in a wide range of highly regulated industries need encryption as part of their overall defense strategy, but mid-sized companies don’t always have the resources needed to manage an enterprise deployment,” said Carl Kunzmann, Managing Partner of Wulf Consulting, an IT provider that specializes in managed solutions for mid-market businesses and is now offering BitArmor Managed Encryption to its clients. “A great example is Ursuline Senior Services, subcontractor to Pennsylvania’s Allegheny County Area Agency on Aging, which will use BitArmor Managed Encryption to provide an additional level of security and assurance that the confidential healthcare and financial data of the 5,000+ senior citizens it serves will not be compromised.”

As the inventor of patented Smart Tag(TM) technology, a revolutionary approach to data encryption that protects data wherever it goes, BitArmor is recognized for its ability to deliver strategic solutions for the industry’s most pressing data protection problems, including the industry’s only No-Breach Guarantee.

BitArmor Managed Encryption’s latest enhancements solve the unique data protection challenges of the small to medium enterprise market by providing military-grade encryption for laptops, USB devices and email attachments, in a simple-to-manage and affordable subscription-based SaaS model. This is in stark contrast to data encryption solutions offered by many vendors that are cost-prohibitive for smaller businesses because they require investments in disparate technologies, expert IT security resources, and dedicated servers.

New SaaS features with BitArmor Managed Encryption include:
Highest Grade of Encryption: Uses military-grade encryption to safeguard sensitive data;
Complete Control of Sensitive Data: Ensures customers’ sensitive data never enters the cloud by performing encryption processing functions on the client side;
Integrated Managed Encryption: Offers a single integrated managed disk, USB and e-mail encryption solution that is easy to use and completely transparent to end-users;
High Availability: Guarantees the highest level of availability with multiple redundant servers and offline capabilities that provide access to encrypted data in the event of a network outage;
Reporting for Compliance: Supports regulatory requirements with simple-to-use reporting capabilities;
Low Total Cost of Ownership: Allows administrators to easily deploy the solution within hours and securely manage users from a single console – without costly infrastructure investments or prior encryption and key management experience.

“Today’s businesses are faced with the seemingly impossible task of meeting data security requirements while managing IT costs,” said BitArmor CEO Patrick McGregor. “BitArmor continues to deliver the necessary innovations, like SaaS-based encryption, so that all companies can afford to protect their critical data without sacrificing business growth. BitArmor provides consistent value even as regulations and impending risk threats evolve.”

Source: BitArmor

Tags: , , , , , , , ,

WatchGuard launches new family of E-mail security appliances for small to medium sized businesses

November 18, 2009 · Filed Under Internet Software, Security Software, Software News · Comment 

WatchGuard, Leader of Unified Threat Management Appliances, Expands Offerings; Unveils New Family of E-mail and Spam Security Appliances

WatchGuard® Technologies, a global leader of business security solutions, launched a new family of extensible content security solutions specifically designed for small to medium sized businesses. These new appliances fall under the umbrella of the WatchGuard XCS platform and provide advanced protection against spam, viruses, spyware and malware, as well as reliable, always-on e-mail security and full featured centralized management and reporting.

“Small to medium sized businesses stand at the crossroads of being the most at risk to an e-mail based threat, and yet, the most challenged to have state of the art e-mail and spam protection,” said Bryan Nairn, Senior Product Manager at WatchGuard Technologies. “Until now, these businesses had few options for spam and malware protection. With WatchGuard, they can have a no compromise, fully featured messaging protection solution at an affordable price point.”

The WatchGuard family of XCS appliances for SMBs consists of the WatchGuard XCS 170, the XCS 370 and the high-performance XCS 570 series. All of these appliances come complete with the WatchGuard e-mail security suite, which provides advanced protection against spam, phishing, viruses, malware and other forms of e-mail based threats. Additionally, they all sport advanced management and reporting capabilities, which include archiving, on-box reporting, messaging logs, customizable granular policies and reports, TLS encryption and message redundancy.

Furthermore, these WatchGuard XCS appliances can take advantage of WatchGuard’s innovative in-the-cloud security technology, ReputationAuthority. With 99.99 percent accuracy, ReputationAuthority eliminates up to 98.3 percent of spam e-mail before it ever gets to a small business network by use of DNS blacklists, IP traffic volume, behavior analysis and content inspection. Given that spam e-mail is a major carrier of viruses, phishing and blended threats, having ReputationAuthority pre-screen and eliminate this unwanted traffic makes networks, applications and data better protected as part of WatchGuard’s defense-in-depth architecture.

For larger businesses with up to 1,000 users, WatchGuard offers the XCS 570 appliance, which provides advanced messaging security for businesses that truly require enterprise-grade protection. For these customers, the WatchGuard XCS 570 provides bi-directional protection from internal and external threats, as well as data loss prevention to keep confidential information from escaping out of organization e-mail boundaries. To keep mail from ever being lost due to failures or other events, the XCS 570 provides queue replication, a first for a product at this price point. As well, the XCS 570 includes compliance dictionaries, content filtering, outbound attachment control and scanning, outbound content scanning, optional third-party e-mail encryption, e-profiling, instant-on data loss prevention, and clustering – all making the XCS 570 an unbeatable solution for small to mid-sized organizations.

Pricing and Availability

The WatchGuard XCS series of appliances will be available worldwide from WatchGuard channel partners within 30 days. The WatchGuard XCS 170 starts at $2,475, the WatchGuard XCS 370 is $5,500 and the WatchGuard XCS 570 is $8,500; all have no per user license fees.

Source: www.watchguard.com

Tags: , , , , , , ,

Panda Cloud Antivirus emerges from Beta, bringing free, proven PC Protection to the masses

November 10, 2009 · Filed Under Internet Software, Security Software, Software News · Comment 

Panda Security goes beyond the basics with world’s most lightweight and complete free anti-virus service for home users

Panda Cloud Antivirus, the industry’s first and most comprehensive free cloud anti-virus service that protects consumers PCs against the latest malware, spyware, rootkits and viruses, emerged from beta after six months of user testing. To experience the expanded performance and support capabilities of Cloud Antivirus, as well as benefit from both online and offline security protection, consumers can download the free service from Panda Security at http://www.cloudantivirus.com/.

“Since the beta release of Panda Cloud Antivirus in April, we have been judiciously testing our cloud-based protection model, making upgrades in security and performance, and listening to our user community,” said Juan Santana, CEO of Panda Security. “With Panda Cloud Antivirus 1.0, we’ve really changed the game, providing our users the most powerful and lightweight free protection available on the market today.”

Recognized for being “the first anti-virus without an update button”, Panda Cloud Antivirus delivers the fastest protection against the newest and most dangerous viruses. This is made possible thanks to Collective Intelligence, Panda’s advanced system that gathers malware information from its global community of users in the cloud to automatically identify and classify new malware strains in minutes. Collective Intelligence combines local detection technologies with real-time cloud-scanning to maximize protection while minimizing resource consumption. Available in 11 languages, Panda Cloud Antivirus works under Windows XP (32 bits), Windows Vista (32bits and 64bits) and Windows 7 (32bits and 64bits) operating systems and only consumes 20 MB of RAM.

According to a recent PC World review of free anti-virus offerings:

“Among all of the free anti-virus software we tested for our latest roundup, Panda Cloud Antivirus was the best app at blocking known malware. The approach is intended to take advantage of the latest signatures without the need for signature-database updates-and if its excellent showing at detecting malware in AV-Test.org’s zoo of half a million samples is any indication, the approach works. Panda’s app produced an impressive 99.4 percent overall detection rate.”

Notable new features and upgrades to Cloud Antivirus from the initial beta include:

– New and improved interface makes Cloud Antivirus even easier to use
– Improved performance with cache optimization and memory management lowers CPU utilization and memory consumption
– New website and Collective Intelligence Monitor give users access to a list of malware from the community that is updated in real-time
– Online support forums now available at http://www.cloudantivirus.com/forum/index.jspa

Source: Panda Security

Tags: , , , , , , , , , , , , , ,

WatchGuard announces Top Threats to education

November 4, 2009 · Filed Under Software News · Comment 

Education-related Threats Expected to Rise – According to the U.S. Department of Homeland Security, 25 percent of all cyber-security breaches involve schools, and although a majority of educators believe that their campus networks are more secure now than last year, WatchGuard predicts that significant breaches, vulnerabilities and threats will continue to plague schools and universities. WatchGuard deems the following to be the leading network, application and data threats to education:

– Malware & Spyware - As students and faculty utilize the Web for education as well as entertainment purposes, many unwittingly expose themselves to drive-by downloads, or corrupted websites, which injects malicious forms of software on their computers. Once infected, they risk becoming victims of identity theft or loss of personal information via spyware and keyloggers.
– Viruses – Today, e-mail remains to be one of the primary vectors for delivering viruses. Unfortunately, a recent survey showed that 27 percent of users fail to keep their antivirus signatures up to date.  With viruses taking on innovative polymorphic properties, antivirus signatures alone may not be enough to stop the next wave of new viruses to come.
– Botnets – It has been estimated that 15 to 20 percent of all school and university computers connected to the Internet may be part of a botnet. As part of a botnet, school and university systems may be used in a variety of unknown exploits, including spam delivery, denial of service attacks, click-fraud, identity theft and more.
– Phishing – Phishing scams continue to get more sophisticated and selective, with students being specifically targeted. A recent report states that phishing attacks via social networks achieve a success rate of over 70 percent, which indicates that a majority of students are vulnerable to phishing scams.
– Hacking - In a recent survey of education IT professionals, 23 percent ranked student hackers as one of their greatest threats to their network security. Whether the hacks are designed to alter grades or for more sinister purposes, student hackers continue to push the envelope for network and data protection.
– Access Control – Usage of mobile devices and wireless access continues to plague network administrators. Concerns of thwarting unauthorized user access to education IT resources is top of mind with many administrators. As use of mobile devices escalates, schools will face
increasing challenges in managing authorized network access.
– Social Networks – The number one threat to school and university networks is social networks, such as Facebook and MySpace.  Unfortunately, social networks act as an ideal platform to launch a myriad of attacks against students and faculty, including spam, viruses, malware, phishing and more. Adding to this, socially engineered attacks are often extremely successful due to the “trusted” environment that social networks create.

– Because of the sensitive nature of student and faculty information, such as social security numbers, credit card information, and other personal identifying data at risk, WatchGuard recommends that schools and universities review their security controls and IT policies regularly to ensure they have the most effective, up-to-date security solutions in place.

Source: WatchGuard Technologies

Tags: , , , , , , , , , , , , , ,

VASCO Data Security launches DIGIPASS Authentication for Windows Logon

November 3, 2009 · Filed Under Security Software, Software News · Comment 

VASCO Data Security Inc. announced the launch of ‘DIGIPASS Authentication for Windows Logon’. DIGIPASS Authentication for Windows Logon offers companies of all size a cost effective way of protecting their Windows PCs which are connected to the corporate network, against unauthorised access.

With the availability of ‘DIGIPASS Authentication for Windows Logon’ VASCO also announces the availability of IDENTIKEY Server Enterprise Edition. IDENTIKEY is VASCO’s comprehensive authentication server for network and application security offering OTP and e-signature capability.

IDENTIKEY Server Enterprise Edition

With IDENTIKEY Server Enterprise Edition, VASCO makes IDENTIKEY based strong authentication available to a vaster range of enterprises from large companies to smaller enterprises, starting at 5 users. VASCO’s IDENTIKEY offering consists of a number of standard packages:

Standard Edition: includes authentication through RADIUS on a single server
Gold Edition: comprises authentication through RADIUS and on IIS-based applications and can be installed on a Primary server with replication on a backup server
Enterprise Edition: includes authentication through RADIUS and on IIS-based applications, as well as internet hosted business applications and offers DIGIPASS Authentication for Windows Logon.  This edition includes licenses for 7 servers.

The solution is made extremely convenient and simple, which makes it suitable for VASCO’s channel partners to implement and straightforward for the SME to use. Furthermore the solution is highly scalable: applications and users can easily be added as the company grows.

Traditionally companies start to secure their remote access with DIGIPASS strong user authentication. The use of static password, the weakest link when it comes down to security, is replaced with a dynamic One-Time Password (OTP) generated by DIGIPASS®.

As their understanding of strong authentication grows, they look to secure other applications with the same DIGIPASS, like portals, e-commerce, online applications.

Large enterprises increasingly look at authentication to secure their business critical applications including CRM, ERP, payroll systems, SaaS-applications,… These enterprises often have offices all over the world and largely depend on network infrastructure to communicate between offices. IDENTIKEY Enterprise Edition is ideally suited for distributed environments: it can be installed on up to 7 servers offering a high availability solution for authentication and supporting the distributed working environments of large enterprises.

IDENTIKEY is based on VASCO’s core VACMAN® technology and customers can choose from a wide range of DIGIPASS authenticators, both hardware and software based, which best fit the need of the end-user.

DIGIPASS Authentication for Windows Logon

DIGIPASS Authentication for Windows Logon offers companies of all size a cost effective way of protecting their Windows PCs which are connected to the corporate network, against unauthorised access. Even when laptops are not connected to the LAN, they remain protected, increasing the security of data stored on them in case they go missing or get stolen.

‘DIGIPASS Authentication for Windows Logon’, a feature of IDENTIKEY Enterprise Edition, is installed as a small software module on the end user’s Windows environment. It can be installed on desktop PCs and laptops that are connected to the corporate network. As soon as ‘DIGIPASS Authentication for Windows Logon’ is setup, it replaces the original login window by a version that will send the login credentials to IDENTIKEY Server for verification.

When laptops are used outside the corporate network, for instance on the road or at home, the log-on module will work in unconnected mode, allowing the same strong authentication functionality as in connected mode. If the computer works in unconnected mode, the login credentials are validated against a local database of one-time passwords. These OTPs are generated when the PC is working in connected mode, and they are securely encrypted and stored. With thousands of OTPs generated upfront, the user can work for several weeks in unconnected mode.

“The need for authentication is only growing. With IDENTIKEY and a single DIGIPASS, enterprises can secure the access to corporate networks, applications and business critical data. With the extension of the IDENTIKEY product-line with standard packaged solutions and adding DIGIPASS Authentication for Windows Logon, we are able to reach out to more enterprises, ranging from the 5-employee enterprise to the multi-national with several offices worldwide,” says Jan Valcke, President and COO at VASCO Data Security.

Tags: , , , , , , , , , , , , , , , ,