PortalGuard's Five Layer Authentication Offers Quintessential Solutions for the Worsening Webmail Vulnerability Crisis
AMHERST, NH, Jan 31, 2013 (MARKETWIRE via COMTEX) --
The PortalGuard platform's layered authentication approach adds
protection which is crucial in defending Outlook Web App (OWA)
against attacks, an often overlooked and critically weak focal point
for illegitimate access to most any corporate network, with minimal
tradeoff between security and usability.
Through providing a variety of two-factor authentication methods for
logins, the PortalGuard platform effectively alleviates the threat of
compromised webmail credentials, greatly enhancing and securing OWA's
native simple password authentication. In addition, the platform
presents options for enhancing the authentication for self-service
password reset, eliminating the compromise between allowing user
self-service and softening security.
"It is very clear that in an unprecedented number of accounts
involving the compromise of corporate infrastructure in recent years,
access to employee email accounts were a primary factor," says Thomas
Hoey, founder and CEO of PortalGuard, a company whose principals have
always centered on providing companies with low-risk, robust
functionality, and dedicated customer service, all while maintaining
usability at an affordable price point. "Webmail access is sought
after by hackers for an overwhelming number of reasons. An email
account contains a wealth of data that can be easily leveraged for
further takeover of the individuals or company's assets or services,"
Hoey says. "Everything from password reset links, sensitive corporate
information, and all of your personal data is there as well, to be
waded through for answers to password recovery questions. It's in
essence an archive with everywhere you've been and everything you've
done online, making it the perfect place to initiate any sort of
attack. Most OWA logins are publicly available and typically secured
with the simplest lock available: a basic password."
To hearken to the theme of usability, PortalGuard also offers
completely transparent One-time Password (OTP) delivery methods to
achieve its two-factor authentication in addition to the traditional,
tangible type. Through use of its Transparent Tokenless Toolbar (TTT)
browser plugin, the enhanced protection of two-factor authentication
is combined with utmost usability, when a user is able to submit a
full-fledged two-factor authentication without the need of a phone,
hard-token, or anything the user has besides their laptop. The TTT
automatically generates time based OTPs (TOTPs) on a regular
interval, as well as encrypts the OTP value with public key
cryptography. This ensures that the OTP is only able to be decrypted
and read by the PortalGuard server, as well as severely limits the
amount of time the OTP is valid if it were to be somehow compromised.
With the TTT plugin installed, authenticating on a machine that
passes a set of risk-based criteria requires just the users'
password, nothing more than a standard OWA login, despite that a
secure two-factor authentication is actually taking place.
"For many, the importance of locking down your webmail access appears
to be overlooked," Hoey continues, "Others are certainly actively
securing their OWA logins, through SSL, or hiding them behind reverse
proxies, which are all partial answers. The fact of the matter is:
multi-factor authentication is the only solution that addresses the
issue of it being a weakest link in its entirety."
The full version of the PortalGuard authentication platform software
is available for $7,500 USD per installation, and comes with a 90 day
money back guarantee. A trial version of PortalGuard is also
available. For details, please visit the company website
PO Box 1226
Amherst NH, 03031
[ InfoTech Spotlight's Homepage ]