SecurEnvoy gibt SecurAccess Version 9 frei

Veröffentlicht am November 7th, 2017 von Fabian Guter

SecurEnvoy, Marktführer bei Multi-Faktor-Authentifizierung, hat die neueste und fortschrittlichste Version von SecurAccess, seiner Lösung zur Benutzerauthentifizierung freigegeben. Die aktuellste Iteration bietet eine Reihe neuer Funktionen, welche die Arbeit von Administratoren und Endanwendern einfacher und sicherer machen.

Zu den neuen Funktionalitäten gehören zusätzliche und verbesserte Authentifizierungsmöglichkeiten, wie die Unterstützung für das Yubikey-Hardware Token und ein vereinfachter „Ein-Klick“-Login über NFC. Gleichzeitig können Administratoren die Vorteile erweiterter Funktionen nutzen, beispielsweise eine REST-API, um die Integration mit Anwendungen der Kunden zu vereinfachen, und ein komplett neu entwickeltes Dashboard für Administratoren, mit dem die Verwaltung und Überwachung einfacher sind als je zuvor.

SecurEnvoy verstärkt Präsenz in der D-A-CH Region

Veröffentlicht am September 29th, 2017 von Fabian Guter

SecurEnvoy kündigt die Gründung der ersten europäischen Tochtergesellschaft an, die SecurEnvoy GmbH, mit Sitz in München an.
Die SecurEnvoy GmbH ist Teil der Wachstumsstrategie und stellt die ideale Plattform dar, unsere Authentifizierungslösungen in Europa verstärkt zu vermarkten.

Wouldn’t it be nice if we didn’t need passwords?

Veröffentlicht am September 28th, 2017 von SecurEnvoy

The day of the password is numbered – and that’s a good thing for users and admins

Wouldn’t it be great to live in a world where passwords just weren’t necessary? Where we could just turn on our laptops and get on with our day without the rigmarole of logging in?

Well yes, but with an estimated 1/5th of adults having had their personal emails and social accounts hacked at some point in the last year (source), that ship has well and truly sailed.  The good news is, the days of the clunky password are numbered. It’s a method of security which has long been unfit for purpose. Not only are passwords difficult to remember, they’re easily overcome by a would-be hacker. That’s hardly a winning combination.

But security is slowly becoming second nature to even the most laggardly of technology adopters. Where security used to be the concern of the IT geek, we’re reaching a point where it’s becoming almost invisible to the non-technically minded. Our phones and our banking apps are now recognising thumbprints and swipe patterns, taking the difficulty out of password entry.

That’s great progress, and one that stands businesses in good stead:  Our personal devices are crossing the boundary into our work lives on an increasing basis – BYOD is becoming the default mobile strategy for many businesses and folding users’ personal devices into corporate security policies is now a must. Phones in particular have become an extension of ourselves – they hold extensive personal information, from correspondence to contact numbers, and their use often dictates how we expect other software and hardware to behave.

I’m not pretending BYOD doesn’t pose its own challenges, but I do believe, by enabling users’ devices to become part of a security solution, adoption is made easier and security is strengthened. Multi-Factor Authentication needs to be intuitive to work well, and too often in the past it hasn’t been. But people are used to relying on their smartphones and they’re likely to be more comfortable with them than they are with an additional hardware device, enabling them to use their phone’s features – whether a simple text message, or more recent innovations such as NFC or biometrics, you can make the leap to Two-Factor Authentication in the office almost painlessly.

SecurEnvoy has been doing this for some of the most demanding industries for years. As a company, we’ve helped hundreds of businesses and thousands of employees adopt fully compliant multi-factor authentication that is so unobtrusive it’s meant heightened security has become routine. We might not have made the login process disappear, but we’ve made it more secure and a whole lot more intuitive.

If you’re thinking about implementing multi-factor authentication within your business, take a look at our “Ten commandments of MFA” infographic, which guides you through some of the most critical elements you should be considering.

SecurEnvoy auf der it-sa in Nürnberg

Veröffentlicht am September 26th, 2017 von Fabian Guter

Auch in diesem Jahr präsentiert SecurEnvoy seine Lösungen auf der it-sa in Nürnberg vom 10. bis 12. Oktober.
Sie finden uns in Halle 10.0, Stand 112 am Partnerstand unseres Distributors ProSoft.

Hören Sie spannende Vorträge zu EU-DSGVO und sehen Sie erstmals unsere neue Version 9!

 

Security and usability – two sides of the same coin?

Veröffentlicht am September 21st, 2017 von SecurEnvoy

Security doesn’t need to put obstacles in the way of genuine users.

Data security has been in the media again in the last couple of weeks, with the NHS and other major organisations being hit by the WannaCry Malware. Many have derided the victims for running out-of-date software, and blamed users for clicking on links they shouldn’t have. While I wouldn’t go as far as that – I sympathise with the legions affected by the outages and those working to resolve the problems – there is an underlying lesson to be learnt: To be truly effective, security has to be simple.

Users are human, they click links they shouldn’t, they hit the wrong button, and frankly, most of the time they just want to get on with their jobs.

And it’s here that many systems fail. By focusing on the worst possible scenario, rather than stopping to consider the wider impact on day-to-day operations and usage, some security platforms may make you feel like you’re in Fort Knox. But if they’re making the lives of your admins or your end users more difficult, they’re failing to do their job and potentially just kicking the problem into the long grass.

Frustration leads to bad decisions and bad actions. If your admin’s overworked, patches and updates don’t get done and warnings get missed, and if your users are forced to jump through hoops, they’ll find another way to get the job done – perhaps by downloading data to a personal device to circumvent those security hoops.

It’s easy to be paranoid – in fact, in our industry it’s healthy – but in a world where users expect ease of use to be built in to every device and programme they interact with, security must pay attention to usability if it is to truly integrate with the office environment.

We’ve all been there – trying to log in to that occasionally used bank account only to give up having failed to remember the three “memorable answers” or selected the wrong digit on the 8th drop-down menu on a page. We used to put up with it as a necessary evil, but technology – and our expectations – have evolved.

A decade of simple, secure access

That’s why, over the past decade, SecurEnvoy have sought to help our clients make their businesses more secure while making their staff’s jobs easier.

Many end users probably won’t recognise our name because we don’t get in the way. After a simple but highly secure confirmation of their identity – no longer than a standard Windows login – they’re up and running, with access to all the information and applications they need. They don’t even need to remember their passwords for third party applications like Salesforce – SecurEnvoy’s single sign on has done that for them, more securely than the standard interface.

I truly believe that the key to better security is better user experience and this philosophy is what has driven SecurEnvoy’s approach to multi-factor authentication for many years. That’s why our software enables our customers to identify end users using more authentication types than any other tool on the market, and why end-users and admins alike are such fans of ours.

If you’re thinking about implementing multi-factor authentication within your business, take a look at our “Ten commandments of MFA” infographic, which guides you through some of the most critical elements you should be considering.

The many success factors of Multi-Factor Authentication

Veröffentlicht am September 12th, 2017 von SecurEnvoy

With a lot of “young pretenders” in the market, there’s a real risk companies will choose hyperbole over real security benefits

If you’re only now looking at implementing multi-factor authentication (MFA) to protect your business, you might be surprised to learn just how long the technology has been around: we created the very first tokenless two-factor platform over 20 years ago, and, while we’ve seen our share of changes – and more than a few “competitors” come and go, there are a number of core truths around authentication which have remained constant.

There seems to be a lot of sudden interest in MFA at the moment – and that has to be a good thing for everyone’s data security – but when even the biggest companies start to misunderstand what they are implementing at the risk of their customers’ data, it’s time to stop, take stock and concentrate on the fundamentals of what makes good, proper multi-factor authentication such a powerful tool.

For us at SecurEnvoy – and the CIOs we talk to, there are a number of common concerns that dominate our approach to user authentication:

Keep things simple:

The very concept of MFA is simple:   using multiple authentication points – something you know, something you (and only you) have – makes unwanted access to data and systems much more difficult.  So why make using MFA any more difficult than it needs to be?

Think about the effort both your system and Admins and your end users will need to make to use and manage your chosen solution: if using it makes a noticeable dent in their ability to do their jobs, then it’s likely to fail: the best solutions are both easy to roll out and maintain, and offer a true single login to ALL users’ applications and devices.

Be flexible to user needs

When as much as 63% of all data breaches involve weak passwords, it’s pretty important to ensure your security solutions encourage good user behaviour. Forcing users to jump through hoops, simply to be able to do their day job rarely ends well – if logging in remotely is made difficult for example, users will quickly result to email or USB sticks to transport data, blowing a big hole in your security. And yet, I still see companies forcing users to carry dongles, or use phone-signal dependent SMS messages to log in.  The solutions that work best aren’t dependent on one, narrow method of operation, but instead flex to the individual’s preferences:  They want to use a mobile app? Or a QR code? Or even NFC? Then why not let them. They’ll be happier and more likely to act securely as a result.

Focus on the things that matter

The feature sets of some MFA solutions are starting to read like the options in a new car brochure – it’s sometimes difficult to work out what really makes you more secure, and what’s marketing fluff.  Is contextual data (something that no regulatory body recognises as beneficial) really going to make your business more secure?  Or would focusing on meeting real regulatory and industry compliance criteria be a better bet? Make sure you understand exactly where your authentication data is held (i.e. on your servers, on your providers’ servers, or on Google’s or Amazon’s) and what that could mean for your business.  Make sure you understand that your provider is in charge of their own destiny and not tethered to a third-party technology provider’s development pathway, and make sure they’ve got a track record of success.  The last thing you want is to be tied to a provider who holds you back.

Technology changes fast – keep an eye on the future

BYOD, Cloud computing, remote working, the march of technology is transforming the way we work at an astonishing rate. And with that comes new challenges for data security: 13% of data breaches last year came form lost or stolen laptops, while an additional 4% came from BYOD devices (this last stat is sure to grow in the years to come) Now it’s far from uncommon for an employee to access work documents from his or her own laptop at home, their mobile device while on the train, and a company machine when they reach the office.  Not to mention the advent of entirely new platforms such as wearables.

To ensure you make the right decision about your implementation, please take a look at our latest infographic which explores 10 key ways multi-factor-authentication should work for you.

UK-German Cyber-Security Forum in München am 26. Juli

Veröffentlicht am Juli 24th, 2017 von Fabian Guter

Der britische Generalkonsul Paul Heardman freut sich darauf, Sie am Mittwoch, den 26. Juli, zum 2.UK- German Cyber-Security Forum einzuladen.

In Kooperation mit dem Sicherheitsnetzwerk München veranstaltet das britische Generalkonsulat ein Cyber-Security Forum im Park Hilton in München.
SecurEnvoy ist mit einem Vortrag am Vormittag und einem Ausstellertisch für individuelle Gespräche vertreten.

Viele weitere Sessions und Vorträge, unter anderem auch zum Thema Automotive Security, versprechen einen interessanten Tag.

Die Teilnahme ist kostenfrei, Sie können sich einfach hier registrieren.

Wir freuen uns auf Ihren Besuch!

Citrix Enterprise Mobility Lösungen zusätzlich absichern

Veröffentlicht am Juli 13th, 2017 von Fabian Guter

Moderne Unternehmen erwarten maximale Effizienz von ihren IT-Systemen. Doch das unablässige Bestreben, größtmöglichen Nutzen aus den Technologie-Investitionen zu ziehen, hat manchmal seinen Preis.

Da Unternehmensmitarbeiter immer mobiler werden, sind Fernzugriffe mittlerweile gang und gäbe. Während die Beschäftigten früher meist an einem Desktop-PC saßen, der direkt mit dem Firmennetz verbunden war, können sie sich heute von überall her anmelden. Sie nutzen Laptops, Tablets, Mobiltelefone oder ein Thin-Client-Terminal und wollen einfach nur schnell online sein, um ihrer Arbeit nachgehen zu können.

Die Mehrzahl der Unternehmen erreicht diese neue Flexibilität mithilfe von Technologien von Citrix Systems, Inc.

Laut Zahlen, die das Marktforschungsunternehmen IDC für 2015 ermittelte, ist Citrix mit großem Abstand Weltmarktführer bei Virtualisierungslösungen und Produkten für Enterprise Mobility Management (z.B. XenApp, XenDesktop, XenMobile, Sharefile, GoToMyPC und Netscaler).

All diese Produkte leisten Hervorragendes in Unternehmen, die die Rendite ihrer IT-Investitionen maximieren und dabei ihre Remote-Benutzer optimal unterstützen möchten. Sie leisten jedoch nicht alles.

SecurEnvoy eröffnet Büro in München

Veröffentlicht am März 20th, 2017 von Fabian Guter

SecurEnvoy unterstützt seine Aktivitäten in den Regionen Deutschland, Österreich, Schweiz und Be-Ne-Lux mit der Eröffnung eines Büros in München, der IT-Hauptstadt Deutschlands. Die Eröffnung des Büros in einem Business Center im Münchner Traditionsstadtteil Giesing ist Teil des Wachstums- und Expansionsplans von SecurEnvoy und dient als Basis für die Aktivitäten in D-A-CH, Be-Ne-Lux und Zentraleuropa. Das Büro ist ausgelegt für die Aufnahme weiterer Mitarbeiter im laufenden Jahr und soll auch die Vernetzung mit der lokalen IT Industrie fördern.

SecurEnvoy attends the Citrix Technical Expert Council

Veröffentlicht am Januar 31st, 2017 von SecurEnvoy

SecurEnvoy are proud to be a validated tokenless two-factor authentication partner with Citrix Systems who are the global leader in virtual desktops, applications and cloud solutions. SecurEnvoy is a global leader in two-factor authentication and has been securing access to networks and data for more than 15 years.

Last week, our Senior Pre Sales Engineer in the Americas, Mike Urgero attended the bi-annual Citrix Partner Technical Expert Council two day meeting. …

no events to show

Tokenless Explained

Tokenless two factor authentication definition; What it is is a combination of two of the three alternatives; something I know, something I own or something I am such as biometric. SecurEnvoy use the something I know ( a username and a password unique to the individual) and something I have/own which is a mobile device. Either via SMS, an app, a secure email or a voice call SecurEnvoy allows the users to choose which is the favoured method of choice to the end user.

Using Apps as Authenticators

Software on a phone in the past was too difficult to deploy and manage. Now with the advent of the app stores form Apple, Blackberry, Android and Windows so its now free and easy to deploy. However its not necessarily secure, so SecurEnvoy invented a method that anyone with a smart device can have an app deployed but one that is unique and individual to each device. Only half the seed records are stored, the other half is at the server level; competitors however leave the whole seed on the device and charge for each and every one of them, moreover they are easy to lave on the device when its upgraded then leaving a potential security flaw! Lean how SecurEnvoy overcome this issue. More at www.securenvoy.com/animations/overview/animations.shtm

Sophos Encryption passwords; best practice with SecurEnvoy

Analysts Goode Intelligence discusses the best practice for managing Encryption Passwords. Specifically for Sophos SafeGuard working with tokenless leader SecurEnvoy.

Delays in SMS authentication

Goode Intelligence and SecurEnvoy discuss the SMS delays that tokenless authentication companies face and the patented [reloaded option SecurEnvoy invented and brought to market.

The History of SMS authentication - innovation

Alan Goode of Goode Intelligence speaks to Andy Kemshall of SecurEnvoy about the history of where SMS authentication came from, where was it first used and how it has progressed over the years.