Do not give up on security when using SSO
SSO (Single Sign-On) is an authentication method that allows users to access with one set of log-in info on multiple software systems and services without having to authenticate again. SSO has become increasingly popular as it simplifies application access and reducing the burden of remembering multiple passwords from a user’s perspective. However, there are also concerns about security vulnerabilities that could result in account exposure and leakage of sensitive information from multiple systems. There is also a concern that an attacker could hack into the user’s PC and acquire the credential key downloaded when the user accesses the target system through SSO, which can also be used to re-access the target system. Some PAM (Privileged Access Management) vendors argue that the lack of zero trust, which should be a multi-authentication framework, is a fatal weakness, although it can deliver user convenience.
However, Jae-Guk Lee, Director of Global Technology at NETAND said “Unlike other PAM solutions, NETAND’s HIWARE has the strength to achieve both convenience and zero-trust security. The reasons for maintaining a higher security level when accessing the target system through HIWARE are as follows:
Firstly, the proxy server holds the credential key used for communication with the target device to be accessed. Secondly, when the user (client PC) attempts to access the target device through the relay server, a virtual credential key is generated and delivered to the user each session. Lastly, when attempting to communicate with a used credential key, the value of the key used in the communication changes every session, and when communicating with DATA, the existing credential key is invalidated because it is encrypted with the new credential key. Therefore, even if an attacker acquires a critical key from a user’s PC, the target system cannot be accessed using that key again.”
NETAND has received another recognition as Top 10 Digital Identity Solutions provider in APAC 2022 by Enterprise Security Magazine, which indicates our strong position in the global market.
NETAND has been introduced by CYBERNEWS as a global leading cyber security company in South Korea!
A great experience in the Philippines! K-Security seminar in the Philippines was successful and we hope to come back again!
Data masking, also known as data obfuscation, hides the actual data using modified content like characters or numbers. The idea behind data masking is creating another version of data that cannot be easily identifiable or reverse engineered, protecting data classified as sensitive.
NETAND, specializing in integrated access and identity management solutions, announced that it was selected last month in the information and communication field of the “National 1000 Innovative Enterprises.”
Many companies are suffering from the aftermath of COVID-19, but some companies showed fierce growth this year, with sales rising 20% year-on-year such as NETAND Co., Ltd. (CEO Shin Ho Chul); a company specializing in integrated access and account management.