Article posted: Aug 06, 2018

By Joakim Thorén, CEO

Another day, another data breach, as social news aggregation platform Reddit just announced it was breached. With the GDPR regulations in effect, more organizations are quickly reporting breaches and investigating their causes to avoid stiff penalties. The latest breach affecting Reddit demonstrates the dangers of using SMS for two-factor authentication.

Continue Reading...

Article posted: Jul 18, 2018

By Joakim Thorén, CEO

Cisco's 2018 Annual Cybersecurity Report points out that mobile devices are the most difficult to protect. That's in large part because of increased use of Bring Your Own Devices (BYOD) into the workplace. While organizations can save up to $350 per phone, per employee, by allowing the use of BYOD devices, there are inherent security challenges. When employees download apps from questionable gaming sites that are more likely to be breached, they leave a window for hackers to enter corporate servers and steal valuable organizational data.

Continue Reading...

Article posted: Mar 05, 2018

By Joakim Thorén, CEO

Recently, ECN published an opinion piece on why smartphones can do double duty to secure data and a user's identity. Certainly, the smartphone is a good tool for authentication, but relying on One-Time Passwords (OTPs) is not an ideal two-factor authentication method, because OTP authentication makes use of rather short computer-generated passwords. These passwords are often provided to the user with none or very weak authentication.

Continue Reading...

Article posted: Feb 27, 2018

By Anders Adolfsson, Technical Consultant

We've written about the dangers of One-Time Passwords (OTP) for use in two-factor authentication and applauded the National Institute of Standards and Technology's (NIST) stance on eliminating SMS-based OTPs. It seems we're not alone. FireEye recently blogged about the dangers of OTPs in phishing campaigns and how hackers are using real-time phishing in attacks on corporate websites.

Continue Reading...

Article posted: Mar 10, 2017

By Marcus Hartwig, GM Americas

Google's Nest thermostat and other consumer IoT devices are flooding the market. By 2020, Cisco predicts 50 billion IoT devices will be connected. Not surprisingly, security is a major concern for these connected devices. After all, no one likes the idea of hackers infiltrating smart devices, like DVRs or cameras, the very devices that were hacked to bring down DynDNS last October.

Continue Reading...

Article posted: Oct 12, 2016

By Marcus Hartwig, GM Americas

When the National Institute of Standards and Technology (NIST) declared over the summer that SMS-based, two-factor identification should be put into the scrap heap of history, lots of us in the industry breathed a sigh of relief.

Continue Reading...

Article posted: Jun 27, 2016

We're partnering with Yubico, the leading provider of simple and open online identity protection, and announcing support for their YubiKey USB hardware device in Versasec's next product update. Stay tuned for a new vSEC:CMS announcement end of June.

Continue Reading...