Software Associates. » identi http://www.software.co.il Security and compliance specialists for medical device and healthcare companies Wed, 08 Feb 2012 06:36:35 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 Preventing inside jobs with dynamic security http://www.software.co.il/2009/10/preventing-inside-jobs-with-dynamic-security/ http://www.software.co.il/2009/10/preventing-inside-jobs-with-dynamic-security/#comments Tue, 13 Oct 2009 11:02:41 +0000 Danny Lieberman http://www.software.co.il/wordpress/?p=1996 I was talking to Ilan Meller from Identiwall recently. Ilan was a SVP at CA and his latest company is doing serious work with strong identity and authentication management. They have over a million installed home banking users in Israel.. Ilan told me about three product lines – Identiwall for Secure online transactions, Identiwall VPN and Identiwall Dynamic security that was developed for an Israel defense customer. I thought that Dynamic Security was the most impressive of the 3 products – I’ll let you decide.

Identiwall  for secure online transactions

Target market - online banking, online insurance

Product status: Leading product in Israel for online banking strong identification, authentication, anti-phishing, strong session security. Currently, over 1 million end users

Unique features

  • No end user client software or hardware device required
  • Minimal changes to Web application, hooks into ISAPI layer or Apache module
  • Separate security server, not exposed to Web application server vulnerabilities
  • Session risk management which is maintained external to server side session, i.e. Cannot be corrupted or attacked. It examines navigation patterns – can detect an automated attack pattern within a short time frame, or URL hacking, session hijacking, where the attacker goes directly to a particular URL, bypassing the normal application navigation performing content inspection in order to detect and stop phishing

Identiwall-VPN

Target market: Existing VPN users who rely on Radius authentication and/or tokens and want to improve security and reduce costs

Product status – production product

Unique features

  • Strong 2 factor authentication
  • Replacement for RSA/Checkpoint tokens
  • Cheaper, more flexible, without requiring hardware devices

Identiwall-Dynamic security

Target market-Companies with large number of employees on multiple office building floors, multi-building campus

Product status – production product developed for Israeli defense clients. Currently in use by institutions in US and Europe, clients like Fortis.

Product brief

Integrates and correlates physical and logical security. Detects multiple user logins from multiple physical locations at same time, logins of employees who have left the building. Used to detect inside jobs. For example – installed in HQ of a company with 1200 employees. Security officer established a threshold to purchase if the system would detect at least 2 events/day – the system detected an average of 37 security events/day in the first week

Unique features

  • Can detect inactive Pcs and automatically shut them down for big energy savings
  • Can detect movement of RFI-tagged laptops
  • Automated FBI: forensics based investigation on event discovery. Backtracks through logs, logins/logouts/failed logins. Aggregates access rights in order to detect users who are working in collusion.

]]> http://www.software.co.il/2009/10/preventing-inside-jobs-with-dynamic-security/feed/ 0