Online identity theft, simply put, is impersonation on an online platform. If someone else pretends to be you — either by stealing your credentials and logging into your account or by creating a fake account that others believe is yours – then your identity has been stolen.
There are a number of ways – data breaches, phishing, mishandled passwords, and more – through which personal data collected by an organization can be compromised, giving rise to the risk of identity theft. There are also a number of ways in which Akku, the Identity and Access Management (IAM) solution by CloudNow, can help you prevent it.Continue reading Prevent Online Identity Theft with Akku
The AD connector which comes with Akku, allows organizations to use either their on-prem AD or Azure AD as the data source for authentication. Akku’s AD is agentless, which means that no additional software is installed in the client environment. Continue reading Akku’s Agentless AD Connector For Improved Security
If your organization relies on the cloud for a majority of its operations, you may want to look closer at the type of architecture your security solution uses – whether it is agent-based or agentless. While some might say that it is irrelevant and that you should focus only on the security solution’s efficiency, we beg to differ. Picking the right kind of cloud security solution can drastically affect your organization’s day-to-day operations and how much ownership you can take over the security solution.Continue reading Agent-based Cloud Security Solution? No thanks!
In recent times, you might have noticed user accounts being compromised by the millions, and yet companies refute these claims saying that their systems are secure and have not been attacked. In these cases, the companies are right – instead of a direct attack, the hackers may have performed an attack called ‘credential stuffing’. In this type of attack, hackers get their hands on usernames and passwords of one application or service and stuff the same credentials on another login for another digital provider.
For example, if you have used the same user ID and password for creating your Facebook and Twitter accounts, a hacker who has access to your Facebook user id and password can use the same for getting into your Twitter account. This does not mean that Twitter’s systems are faulty. It simply means that your credentials have been stuffed. Credential stuffing attacks use code injection techniques to test the credentials against multiple accounts like social media, online marketplaces, and bank accounts. Once access is gained, the hacker can get access to personal information, credit card information and other personally verifiable information.
In recent times, this type of attack has gained popularity due to the fact that most users use the same user ID and password for multiple accounts. The situation right now is precarious for most online users – a recent breach of breaches has given hackers access to a whopping 2.2 billion user IDs and passwords. It is called a ‘breach of breaches’ because a few hackers hacked into millions of Dropbox and LinkedIn accounts and compiled a list of plain text credentials. However, another team of hackers hacked into this list to compile an even bigger list of stolen credentials.
If you have built enterprise applications, how sure can you be that your users have created different passwords for all your applications? There is no way for you to know for sure. However, you could put in place a password policy which prevents them from using the same password for all the applications in your network.
Akku from CloudNow Technologies allows you to set custom password policies to help you standardize the passwords set by your users. You can also leverage it to prevent the setting of the same passwords. To know more, get in touch with us now.
“irgvctxmsr” – sounds like gibberish, doesn’t it? But if you were to decrypt this string using a mono-alphabet shift cipher where each letter has been shifted to the right by 4 numbers, you would see that it spells “encryption”!
Protecting critical data and information by encrypting them was first performed by Julius Caesar in 120 BC. The art of encryption has been through several modern shifts, and currently most of the data on the internet is protected using sophisticated encryption algorithms like AES (Advanced Encryption Standard), RSA (Rivest-Shamir-Adlemen), ECC (Elliptic Curve Cryptography) and PGP (Pretty Good Privacy).
Deciphering an encrypted message requires a key. Nowadays, messages are encrypted using public keys and decrypted using private keys. The private keys are shared privately between two trusted parties. Losing a private key can be disastrous, as encrypted messages can then be read by anybody with access to the private key.
Password Hashing
While encryption is a two-way function and is primarily done with the intention of being decrypted, password hashing is a one-way function. Hashing allows us to use a mapping function to map data of any size to a fixed length. The resultant output is called the hash value. Technically, hashing is reversible – however, the computing power required to get the original message makes it impossible for the original message to be decoded. Simply put, encryption protects the data in transit while hashing is used to authenticate the data and lets you know if it has been tampered with.
Here is how it works – consider that you have a digital document that you have digitally signed and uploaded to your website for another person to download. Now, you will run a hash function on the document and another one on your digital signature and encrypt the resulting hash values. Once a designated person downloads the document, the browser decrypts the hash values using a key and runs the same hash function on the document. If the resulting hash values are the same for the sender and receiver, it means the document and signature have not been tampered with.
Modern hashing algorithms include SHA (Security Hashing Algorithm), RIPEMD, WHIRLPOOL, and TIGER.
Salted Passwords
Salting is the process of adding an additional layer of security to the hashing process by adding a unique value to the end of the password and hashing the new password. By adding even one letter to your password and hashing it, you can change its hash value and make it harder for interceptors to find your password. For example, if your password is “V67gHD92”, you can add a unique character or string to the end of it and make it something like “V67gHD92SPICE”. Here, the word “SPICE” is called the salt.
Salting a password protects any data from brute force attacks in which bots attempt every possible combination of letters and numbers until the password is cracked. However, if the attacker knows your salt, the entire process of salting becomes worthless.
In this day and age where network and information protection requires meticulous planning and dedicated resources, we at CloudNow Technologies want to make things easy for you. Our network security solution Akku is designed to protect your network against sophisticated and high-level attacks. To know more about how we can help you protect your network, get in touch with us now.
Ever heard of the butterfly theory? A single flap of a butterfly’s wings in Australia has the potential to cause a tsunami in Indonesia. Similarly, a minor tweak in your IT infrastructure has the potential to make every node of your network vulnerable to serious attacks, irrespective of their relationship. To ensure that network security remains as streamlined as possible through any number of changes to your IT systems, it is crucial to add a virtually unhackable component to your network security.
Today’s MNCs were once small or medium businesses (SMBs). Small and medium businesses are the proving ground for emerging technology, as they have tight budgets and require specific, targeted functionality that suits their style and processes. Once products and solutions pass this litmus test, they start becoming more mainstream, being absorbed more widely by companies and consumers.
If a company works with very few applications, user repositories would have to be mapped individually for each application. Every new user needs to be validated with each individual user directories to be able to access the respective protected application. This means that the same user has to log in separately every time he/she wants to use each application on the network. The inefficiency of this model was reduced greatly with the advent of Active Directory and LDAP.
A significant number of identity and access management solutions have the need to work with Active Directory as the repository of user information against which access is verified. Active Directory generally controls user identity and access permissions to everything from files, networks, and servers, to on-premise and cloud applications. However, integrating an Active Directory or LDAP with on-premise and cloud applications require third-party agents to be installed on your network.
Is the only thing standing between your business’ critical data and a cyber attack a set of usernames and passwords? If yes, then it’s definitely time for a security upgrade for your cloud and on-premise applications.
We are increasingly using applications on our smartphones for business and personal purposes. Everyday activities have become much easier and more efficient to perform; what used to take us days to process can take us seconds today.
Adaptive authentication, method for enforcing the right authentication factors depending on users profile and tendencies. It acts to balance the level of trust against risk.
Adaptive authentication is the way that two factor authentication or multi factor authentication can be configured or deployed.
