mail: info@xelios.es
Corporate Business Solutions
Globalization and the competitiveness of global economics create new problems that must be faced by businesses and industries. Whatever the investment policy is, it is geared to innovative product research or standardization of production methods. Optimization of results has become the main concern of the current economic actors.
MORE INFORMATION [+]in Corporations
To ensure protection of corporate information system, computer equipment companies should be alert to the constant evolution of the industry, ensuring the maintenance of standards and delivering solutions that enable optimization of production possibilities, ensuring system to prevent leakage of product information, etc. The latter task becomes increasingly complex in the internet age.
Currently almost all industries are equipped with antivirus, firewall, etc, so that the security of the company from the inside out is already present in the information system. However, internal security has been neglected. Charges to say in the computer world are increasingly aware of this: in most cases, the threat may be within the company. The business world today faces the following problems:
-
Authentication and password management.
-
Protection of remote access.
-
Protection of critical business information.
-
Accountability (and optimization information system).
-
Protection certificates.
Authentication and password
management
To protect against internal threats, companies have chosen password systems and valid statistical often “ad vitam aeternam” and used to protect access to sensitive applications information system. So log-export, financial data, trade data and search data, companies have installed some windows dialog requesting the password for users. These methods have proven to have great limitations. Highlighting only a few of them:
Using a too simple password: Each user saves a minimum of 10 different passwords and to access their information they will have to use a simple password with between 4 and 6 characters easy to identify (name, surname, children, favorite color, year of birth, etc.).
Impersonation: A users password does not prove their identity, so any person can use that password.
Face Management: Gartner analyzes have shown that 35% of calls to the help desk information company are related to password management (forgetfulness, replacement, …).
Weak password rotation policy: The protocols of password rotation have shown low efficiency for some companies. It has been shown that if you put a rotation protocol to a user, they usually use the same password for other applications, in order to memorize less passwords.
To solve this problem of user authentication and password management, business and industry must be equipped with means to:
Check with certainty the identity of its employees for access to sensitive information. Install a solution to re-enter the password (Single Sign On) test under this identity. Prevent the user required to memorize their passwords, increasing the size and complexity of managing their time and life.
These new media should operate on the existing infrastructure and ensure good interoperability with earlier, and not exceed company cost.
Protecting the enterprises
remote access
Today many employees of large industries can access critical business data from anywhere on the planet. A few years ago, these accesses were exceptional and did not need special security. Today, each executive has his own laptop and each accesses their messaging, financial data and trading via remote access.
How to ensure that the person accessing the user is authorized?
Maybe the laptop is stolen, or has fallen into the hands of competitors and recover all this information. All this looks like something out of a spy movie, but cybercrime between companies exists and is growing. These are risks that must be considered very seriously.
Precisely because of the ease of performing remote access, the industry must find a solution for:
Check with certainty the identity of its employees in case of remote access (VPN, secure Web page, …).
Choose a solution where you can not re-enter the password (to prevent hacker attacks from the outside).
Equipped with authentication peripherals able to establish proof of identity for all persons protected parts of the information system, within budget and maintaining uniformity of the equipment installed in enterprises.
Protection of confidentiality of critical
business information
The confidentiality of business data (financial data, legal, research and development) is paramount. But a real solution is effective only if encryption is transparent to the user, can be shared and is secure enough to prevent leakage of information of the entity in which it is stored.
Our structure allows confidently respond to these needs
Accountability and optimization of
information system
Numerous companies are related to section 11 CFR21 standards, which require accountability of the production system. The password system has once again shown its limitations. Some agencies prohibit systematically American products whose accountability is not safe.
Our products deliver logs adapted according to their requirements (HIPAA, LSF, SOX, …). These logs can save time in normalizing their authentication information.
Protection of certificates
Dematerialization of electronic exchanges have suffered a major development in recent years, thanks to the legal recognition of electronic signatures. Beyond the relations between the company and the government, the electronic signature is in place within the company, usually associated with applications “voice” ERP type. Whichever security system is set in place, it will always face challenges with the use and protection of a private key, usually protected by a confidential code or, better, a code phrase. This can save time with the ease of use and substituting this information (which are lost or forgotten forever) for a personal information can neither forget nor lose.
Protecting the certificates of its users, are more responsible for the content of exchanges and on the legal value of the certificates.
Esteban Palacios, nº 10, 3th floor, office 34. 28043, Madrid
(+34) 91 300 56 44