Authlogics Authlogics
  • Solutions
    • Password Security Auditing
    • Password Policy Compliance
    • Password Breach Database
    • Passwordless Authentication
    • Deviceless OTP
    • Single Sign-On
    • Cloud Protection
      • Amazon Web Services
      • Azure and Office 365
    • Helpdesks
    • Retail Banking
    • Transaction Verification
  • Products
    • Password Security Management
    • Multi-Factor Authentication
      • Authenticator Mobile App
      • PINgrid
      • PINphrase
      • PINpass
      • Yubikey
    • System Agents
      • ADFS Agent
      • Domain Controller Agent
      • Exchange Agent
      • Remote Desktop Agent
      • Windows Desktop Agent
  • Resources
    • Demonstration
    • Whitepapers
    • Datasheets
    • Case Studies
    • Use Cases
    • Pricing
    • Blog
    • Accolades
    • UK Government: G-Cloud
  • Partners
    • Find a Reseller
    • Find a Distributor
    • Technology Partners
    • Become a partner
    • Password Security Portal
  • Company
    • Contact Us
    • Intellectual Property
    • About Us
  • Support
    • Downloads
    • Documentation
    • Knowledge Base
    • Community
    • Log a call
Authlogics Authlogics
  • Solutions
    • Password Security Auditing
    • Password Policy Compliance
    • Password Breach Database
    • Passwordless Authentication
    • Deviceless OTP
    • Single Sign-On
    • Cloud Protection
      • Amazon Web Services
      • Azure and Office 365
    • Helpdesks
    • Retail Banking
    • Transaction Verification
  • Products
    • Password Security Management
    • Multi-Factor Authentication
      • Authenticator Mobile App
      • PINgrid
      • PINphrase
      • PINpass
      • Yubikey
    • System Agents
      • ADFS Agent
      • Domain Controller Agent
      • Exchange Agent
      • Remote Desktop Agent
      • Windows Desktop Agent
  • Resources
    • Demonstration
    • Whitepapers
    • Datasheets
    • Case Studies
    • Use Cases
    • Pricing
    • Blog
    • Accolades
    • UK Government: G-Cloud
  • Partners
    • Find a Reseller
    • Find a Distributor
    • Technology Partners
    • Become a partner
    • Password Security Portal
  • Company
    • Contact Us
    • Intellectual Property
    • About Us
  • Support
    • Downloads
    • Documentation
    • Knowledge Base
    • Community
    • Log a call

Think you have secure remote access – it might be time to think again!

adminon 13th October 2015

Providing staff with the convenience of remote access is an everyday essential when it comes to boosting productivity, but all of these benefits can easily be wiped out if it compromises the security of your organisations systems and data. In his latest blog, the cyber-security expert, Graham Cluley, reveals that one of the most popular remote access tools – Outlook Web App (OWA) – has been ‘backdoored’ in a malicious attack on an unnamed company. The ramifications of the attack means that employees’ OWA usernames and passwords and more importantly what they provide access to, could be compromised.

For many organisations, remote access has presented a perennial challenge, balancing system security with user convenience. Make the login process too convoluted and employees will shy away from using it, limit what can be accessed impacts productivity, and using a username and password makes systems vulnerable.

Traditionally, for those who could afford the initial capital and ongoing operational expense, the standard option was to roll-out hard-tokens for strong two-factor authentication. This is a very expensive option and certainly one that the vast majority of SME organisations and larger enterprises for that matter, couldn’t and shouldn’t entertain. But cost is just one (albeit major) issue. The law firm Taylor Wessing had trialled hard-tokens, but they proved to be extremely unpopular with its partners, who did not want to carry them everywhere. In another trial, tokens on a mobile device were used and whilst they received a warm reception, the particular solution used caused headaches when partners travelled overseas causing the token to fail. A particular issue for an organisation with 26 offices around the world.

The solution for Taylor Wessing was the PINgrid authentication solution from Authlogics, which can be used as a soft-token in both 1.5 and 2FA environments. Crucially it does not require the mobile device upon which it is installed to be connected. This approach was also taken by Liverpool Heart and Chest Hospital, an NHS Foundation Trust and its IT Operations Manager, Matt Connor commented that: “The 1.5FA approach offers the perfect fit for a BYOD strategy. It means authorised staff can get fast and secure access from any device anywhere and our systems are fully protected at all times.”

Implementing 1.5 or 2FA for remote access in this way removes the reliance on passwords as a security measure and that means that the likelihood of a successful attack such as the OWA example can be mitigated significantly. What is more, it opens up opportunities for organisations of all sizes to provide not just remote-access but secure and convenient remote access for all who need it.

in Uncategorised
  • Previous

    How NHS Trusts can be free from the Cost of Hard-Token Authentication

  • Next

    Authlogics Desktop Login Agent is now available for Windows 10

Recent Posts

  • Top Ten Universities Vulnerable to Data Breaches and Need Better Password Education
  • Strong Leaders Don’t Have Strong Passwords
  • If You Do One Thing on World Password Day, Find Out How Many of Your Passwords are Being Shared Around the World
  • The Road to Password Hell is Paved with Good Intentions
  • ARTICLE: When cutting costs on defending your networks isn’t an option

Recent Comments

  • Top Ten Universities Vulnerable to Data Breaches – The ID Bulletin on Password Security Management
  • The highway to password hell is paved with good intentions - Andre HOT on Have you been Pwned? Most likely
  • The street to password hell is paved with good intentions - Trend Directory on Have you been Pwned? Most likely
  • The highway to password hell is paved with good intentions - Theopenlab on Have you been Pwned? Most likely
  • The highway to password hell is paved with good intentions - Lecheyre.ch on Have you been Pwned? Most likely

Archives

  • June 2022
  • May 2022
  • March 2022
  • February 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • February 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • May 2020
  • April 2020
  • February 2020
  • January 2020
  • December 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • January 2019
  • September 2018
  • January 2018
  • October 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015

Categories

  • Authentication
  • Awards
  • Business
  • Compliance
  • Customer Experience
  • Data Breach
  • Download
  • Implementation
  • Management
  • Marketing
  • Multi Factor Authentication
  • Password
  • Password Replacement
  • Password Security
  • Passwordless Authentication
  • PIN
  • Predictions
  • Remote Working
  • Security
  • Single Signon
  • Strategy
  • Uncategorised

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Contact us

UK: +44 1344 568 900
US: +1 408 706 2866

sales@authlogics.com
info@authlogics.com

Visit us

329 Doncastle Road, Bracknell,
Berkshire, RG12 8PE, UK

Map it »

1551 McCarthy Blvd, Suite 215,
Milpitas, CA, 95035, US

Map it »

Follow on

Legal information

Privacy Policy
© Authlogics Ltd. All Rights Reserved.