Date: 2023-05-24
Author: Versasec

MFA has become a great part of a defense plan. Rightfully so, considering the high-security assurance it can bring compared to traditional password login. However, as cyber evolves, no one is impervious, and this is where cyber insurance can come in. Many insurers provide coverage for recovery costs, notification of individuals whose information is affected, and recovery of data.

Still, with insurance pricing rising and coverage reducing, companies that are on top of their cyber security proactively find better coverage and even lower premiums. Unfortunately, it is common for small and emerging businesses to prioritize risk-taking, as they understand that greater risks can lead to higher growth potential. Consequently, cyber insurance often falls lower on their list of priorities.

The growing cybersecurity threat to businesses

Nonetheless, when it comes to safeguarding a business or organization, security is precisely the area where businesses cannot afford to gamble or take chances.

“Significantly more than half of all cyberattacks are directed at SMEs, and that number is steadily increasing.” – Chubb

“$4.9M average cost of data breach caused by phishing 82% of cyber incidents caused by human error.” Bezley Group

“One of the quickest and easiest ways for cyber criminals to access SME assets is by walking through the virtual ‘open door’ that employees provide when using weak or reused passwords.” – Chubb

What cyber insurance companies are looking for

Placing security for users and devices is an investment. Cyber insurance companies now prioritize MFA questions when they assess organizations. With Versasec credential management and appropriate MFA, you can answer a resounding YES. (Questions from AIG CyberEdge)

• Do you enforce Dual Factor Authentication for access to critical information and/or systems?
• Do you enforce a ‘strong password policy’ requiring passwords of adequate complexity and length, avoiding re-use for all accounts? If ‘No’, please describe the measures in place to manage password security.
• Virtual Private Network (VPN) required to access corporate network remotely?
  VPN is configured with multi-factor authentication?
• Multi-Factor Authentication mandatory to access email remotely?

Credential and device management does not need to be a pain, manual, and tedious. Streamline the management of multi-factor authentication phishing-resistant devices with cost-effective Versasec flagship product vSEC:CMS, or in the cloud with vSEC:CLOUD. Schedule a free consultation today.

Date: 2023-05-10
Author: John Asan, Worldwide Technical Leader

With Versasec User Application, employees can manage their own PINs, and even self-issue. Organizations can ship the physical credential, pre-issued and blocked, to its remote users, and the Versasec self-issuance process guarantees only the appropriate person will be able to activate the credential and use it. Even a simpler process with virtual credentials, as there is no hardware to be shipped and the issuance can be initiated and completed executed remotely without interaction from operators. 

In the same way, different locations where the company may have offices or factories can manage their teams’ credentials without depending on the main office to do so. Managing credentials faster and more efficiently than before. These use cases bring many benefits to organizations: convenience, speed, and flexibility, without sacrificing security.

Centralized Management of Identities

In our nervous system, the brain functions as a centralized control center. With Versasec, all credential management activities can be centralized. Versasec’s flagship product enables companies to manage credentials to inherit user access and privileges. Additionally, to personalize authentication tokens, issue, block, and revoke credentials and certificates, and enroll FIDO credential tokens. Finally, assign multiple use cases to a single credential. Therefore, expanding PKI-based credentials use cases to enable cryptographic operations.

In today’s digital landscape, enterprises face the challenge of managing a multitude of diverse identities. Various systems and applications lead to complexity, inefficiency, and security risks. Versasec’s credential management system offers a solution by centralizing enterprise authorization and access under one system. And finally, distributing the workload of issuance with self-services.

Some of the benefits enterprises gain with centralized management of credentials, include:

• enable automation and restrictions to follow regulations and company policies; reports can be used for auditing.
• efficient use of time and resources by focusing on one system instead of many.
• ability to add automation of workflows.
• user-focused identity experience for employees.

Example of Credential Management

A large institution was struggling to manage the authentication and access of its employees across multiple systems and applications. The process was time-consuming, complex, and posed significant security risks.

After implementing the Versasec credential management system, the institution was able to centralize its credential management process. It gained greater control and oversight over all hardware security key-related activities. This allowed the institution to enforce security policies and standards more effectively, reducing security risks significantly. In addition, the institution was able to save time and resources by focusing on one unified system instead of many. Further, it improved employee productivity by providing a user-focused identity experience.

With Versasec credential management, the institution was also able to expand its PKI-based credentials use cases, enabling strong cryptographic operations. For example, domain logon, encryption, digital signing, and VPN MFA authentication. The institution was able to assign these multiple use cases to one credential, add physical access control together with digital access to a smart card. Thus, further streamlining the identity management process.

If you would like to start managing your multiple enterprise identities with Versasec, schedule a complimentary consultation with our credential management experts. We can help you get started.

Date: 2023-04-27
Author: Carolina Martinez, Vice President Americas

Our on-premise Versasec credential management solution gives you complete control and flexibility over your environment’s connectivity. With this solution, you can customize and tailor your security infrastructure to meet your specific needs and preferences, whether you choose to be more connected or disconnected. Air-gapped environments with closed networks or with no internet connection are fully supported.

Versasec offers cloud hosted vSEC:CLOUD. Versasec SaaS hosted credential management allows you to redirect your resources away from time consuming tasks of server maintenance and upgrades. vSEC:CLOUD is available in flexible subscription packs and supported by Versasec premium support as well as a team of Versasec cloud experts.

vSEC:CMS deployed in your private cloud allows for a hybrid options, that provides high availability and scalability, cloud benefits, with the ability to still have control over the architecture, security, operating systems, and software updates. If you have an Azure or AWS private cloud, the vSEC:CMS deployed in your cloud is even easier, continuing to manage everything in one place.

Integration with cloud-native applications

It is important to distinguish all hosting/deployment options with Versasec allows you to integrate your system to applications that are cloud-based, such as Microsoft Azure AD. See all of our integration technology alliance partners. Further, with Versasec, customers can start on-premise and easily migrate to the cloud, should they need to, later on. And likewise, from the cloud to on-premise.

Schedule a 30 min complimentary consultation with our identity experts for more details on your hosting of choice! We serve every region of the world, contact us today.

Download the Versasec Hosting Environment pdf resource.

Date: 2023-03-24
Author: John Asan, Technical Leader Worldwide

Just like the monarchs, we at Versasec understand the difficulties and tasks when migrating credential management systems. However, we have seen many customers make this journey successfully. And they all have the same question, can Versasec support their migration? And the answer is yes! Versasec provides multiple migration wizards, and can provide customized professional services should our customers need it.

Today’s post will focus on the Versasec’s FIM/MIM CM migration wizard. With this wizard, vSEC:CMS makes it simple to migrate from Microsoft Forefront Identity Manager (FIM) and Microsoft Identity Manager (MIM) Certificate Management (CM) to Versasec. The wizard facilitates the migration process, making it practical and efficient to import. Additionally, the users and their existing credentials are untouched without any interruptions to the users nor their daily tasks.

Finding a replacement is important since Microsoft ended the general support for FIM on October 10th 2017 and its extended support ended on October 11th 2022. Versasec credential managements are an excellent choice for those looking for a reliable and secure credential management system that will meet their needs well into the future.

“We possess effective means to transfer extensive amounts of data from MIM/FIM and will provide consultation on important considerations.

Recently, we had a productive meeting with one of the branches of the Armed Forces who have been tracking various PIV users over the years. During this meeting, we discussed their requirements for a new, advanced, and efficient credential management system accompanied by reliable support services. They chose to collaborate with us due to our significant expertise and our commitment to assisting with the migration of both users and data. We are excited to provide this valuable experience to our customers.”

– Michael Samara, Business Development Engineer at Versasec

Versasec products are designed to be user-friendly, so even those who are not experts in credential management will find it easy to use. The solution provides a single platform for all credential-related activities, making it easier to manage and maintain your organization’s credentials. This eliminates the need for separate systems and ensures a more streamlined process for all use cases.

Case study: Sandia National Laboratories migrates from FIM/MIM to Versasec

One organization that has benefited from the migration to vSEC:CMS is Sandia National Laboratories. Sandia is a multi-program laboratory managed and operated by the National Technology and Engineering Solutions of Sandia, LLC., a wholly-owned subsidiary of Honeywell International, Inc.

Sandia faced the discontinued support from Microsoft for FIM/MIM CM. Should anything go wrong with their system, they would have no support from Microsoft technical experts. In addition, the organization’s credential management processes would no longer have feature updates, nor security updates responding to new regulations, so it decided to explore alternative solutions.

After evaluating several options, Sandia chose vSEC:CMS. They were pleased with the overall ease of use and efficiency of the new system. The vSEC:CMS solution has enabled Sandia to save time and money by streamlining credential management activities. The organization has also benefited from the improved security and compliance provided by the system. They are able manage YubiKey FIPS, Gemalto IDPrime series smartcards and import management data from MIM. Versasec could support the credentials they were using in FIM, avoiding the purchase of new hardware. Versasec supports a wide range of credentials allowing them to switch to different credentials in the future, or compliment the existing ones with another for other use cases.

Journey to the cloud

Another win, Versasec enables organizations to begin their journey to the cloud. Versasec offers many no-code out-of-the-box technology integrations to cloud solutions, such as, Azure AD, cloud PKIs, and HSMs. Furthermore, with software-as-a-service, vSEC:CLOUD, organizations are also able to perform fully in the cloud.

In conclusion, if you are currently using Microsoft FIM/MIM CM and are looking for a reliable, secure, and user-friendly credential management system, Versasec’s products are an excellent choice. With its migration wizard, you can easily switch from your current system, ensuring a smooth transition and a more efficient credential management process. Don’t wait any longer – start planning your migration now! Contact us for a free demo today and migrate from FIM/MIM to Versasec!

Date: 2023-03-16
Author: Anders Adolfsson, Product Manager

I’m glad you asked.

A TAP is a “time-limited passcode that can be configured to allow users to onboard other authentication methods including passwordless methods such as Microsoft Authenticator, and FIDO2.” It is like a key that unlocks your accounts temporarily.

The great thing about TAPs is that they make it easy to onboard new authentication methods, like FIDO2. And if you ever lose your FIDO2 security key or another authenticator, you can use a TAP to recover your account and register new strong authentication methods.

Enabling and using a TAP is easy with Azure AD. You just need to enable the TAP policy and choose which users and groups can sign in with a TAP. Users can then get access using TAP to the security information management page where they can manage their secure authenticators.

The Versasec & Microsoft AAD Temporary Access Pass Integration

With our Versasec integration, it gets even more simple and more secure. Businesses can now generate and distribute AAD TAP for their employees from the familiar and enterprise-purposed Versasec credential management system. The new integration allows businesses to add TAP creation and distribution as well as revocation to their credential issuance process, enhancing the user experience and improving security.

For further updates on the Versasec integrations with Microsoft, follow our news and blog!

Watch this short video demo of the issuance of TAP from Versasec credential management, featuring:

• Credential issuance with PKI/PIV and AAD TAP
• Temporary Access Pass and credential authentication

Connect with us for a Versasec credential management demo or download an evaluation version and improve your security today!

Date: 2022-03-07
Author: Gabriela Peralta, Marketing & Public Relations Coordinator

At Versasec, we take this opportunity to learn from one of our superstars, whose story embraces change and inspires us. We are pleased for you to meet Tatjana Suhorukova, Business Development Analyst at Versasec. Tanya, as she likes to be called, moved from her native Latvia to the U.K. However, she quickly learned the art of adaptability as she navigated the challenges of a new culture and career path.

“Not everything went smoothly as I had to start from the beginning, including my professional career. Nevertheless, I turned who I was into my new strengths and skills.” With this attitude, Tanya was selected from 300 candidates and landed her first job in the U.K. After seven years in the Forest and Timber industry in Latvia, Tanya started her career in Event Marketing Management.” Not being a local, nor speaking English as my native language was a challenge. However, challenges inspire and motivate me. In essence, moving to the UK made my world bigger and made me stronger as a woman.”

After five years in the event industry, she was ready for a new challenge. Tanya joined Versasec in August 2017 in the role of Business Administration. During her time at Versasec, she became a key contributor in Sales, Business Development, and leading Global Technology Partnerships.

“I aspire to learn new things and enjoy meeting new people. I surround myself with successful women that drive and inspire me. Getting things done, teamwork, and being organized are traits that have helped me succeed in many areas of life.”

Women in Cybersecurity

In light of women around the world who face discrimination and inequality, she appreciates the opportunities in the United Kingdom and in Cybersecurity.

“Being a woman in cybersecurity means a lot of opportunities, challenges, and innovation. Cybersecurity is one of the fastest-growing sectors in the IT industry, and many different skills can be applied. Furthermore, working in cybersecurity allows for collaboration and networking with people from various sectors and locations. Consequently, this diversity can be incredibly beneficial in terms of gaining new perspectives and building a broad skill set,” states Tanya.

Fighting for Gender Equality

In addition, Tanya is motivated by different organizations fighting for gender equality and inclusion. “It is encouraging to see that there are national programs and groups dedicated to supporting women in cybersecurity. As a result, their work addresses some of the gender imbalances that still exist. By promoting diversity and inclusivity, we can help to build a stronger and more resilient cybersecurity workforce. Nevertheless, there are many exciting opportunities and challenges in the field of cybersecurity. For that reason, it is wonderful to see women take on these roles and make a positive impact in the industry.”

As a woman in 2023, Tanya balances her life as a mother, a wife, and a Cybersecurity professional. Tanya mastered the skill of shifting gears and embraced the adventure of living in a foreign land. Her journey inspires other business professionals as they embrace change, adapt to new challenges, and achieve success.

Date: 2023-03-01
Author: Gabriela Peralta, Public Relations & Marketing Coordinator

In late 2022, this company, already familiar with vSEC:CMS, became one of our first vSEC:CLOUD customers, benefitting from Versasec SaaS credential management.

To them, it was important vSEC:CLOUD could offer them the time to focus on their business-specific goals, rather than on updates and maintenance.

“Our team wants to focus on delivering business value. Updating software and servers, while important, is low value. By using a managed solution, we can focus on business objectives,” stated Company’s Head of Engineering and Cybersecurity.

Read in this case study, the requirements the company prioritized, and what The Versasec Experience is all about: https://versasec.com/docs/case_study_printing_shipping.pdf

Versasec is known for innovating and developing the leading credential management on the market for on-premise, cloud, and hybrid deployments. Our software is built with businesses and IT professionals in mind, helping companies of all sizes easily deploy and manage virtual and physical smart cards, tokens, RFID, FIDO, and other PKI credentials throughout their lifecycle.