"With the TTT plugin
installed, authenticating on
a machine that passes a
set of risk-based criteria
requires just the users'
password, nothing more
than a standard OWA
login, despite that a secure
two-factor authentication
is actually taking place."
http://www.portalguard.com
Press Release
PortalGuard's Five Layer Authentication Offers Quintessential Solutions for the
Worsening Webmail Vulnerability Crisis
January 31, 2013 16:18 ET
AMHERST, NH-- The PortalGuard platform's layered authentication approach adds protection which
is crucial in defending Outlook Web App (OWA) against attacks, an often overlooked and critically
weak focal point for illegitimate access to most any corporate network, with minimal tradeoff
between security and usability.
Through providing a variety of two-factor authentication methods for logins, the PortalGuard
platform effectively alleviates the threat of compromised webmail credentials, greatly enhancing
and securing OWA's native simple password authentication. In addition, the platform presents
options for enhancing the authentication for self-service password reset, eliminating the
compromise between allowing user self-service and softening security.
"It is very clear that in an unprecedented number of accounts involving the compromise of
corporate infrastructure in recent years, access to employee email accounts was a primary factor,"
says Thomas Hoey, founder and CEO of PortalGuard, a company whose principals have always
centered on providing companies with low-risk, robust functionality, and dedicated customer
service, all while maintaining usability at an affordable price point. "Webmail access is sought after
by hackers for an overwhelming number of reasons. An email account contains a wealth of data
that can be easily leveraged for further takeover of the individual's or company's assets or
services," Hoey says. "Everything from password reset links, sensitive corporate information, and
all of your personal data is there as well, to be waded through for answers to password recovery
questions. It's in essence an archive with everywhere you've been and everything you've done
online, making it the perfect place to initiate any sort of attack. Most OWA logins are publicly
available and typically secured with the simplest lock available: a basic password."
To hearken to the theme of usability, PortalGuard also offers completely transparent One-time
Password (OTP) delivery methods to achieve its two-factor authentication in addition to the
traditional, tangible type. Its Transparent Tokenless Toolbar (TTT) browser plugin combines the
enhanced protection of two-factor authentication with utmost usability: a user is able to submit a
full-fledged two-factor authentication without the need of a phone, hard-token, or anything the
user has besides their laptop. The TTT automatically generates time-based OTPs (TOTPs) on a
regular interval and encrypts the OTP value with public key cryptography. This ensures that the
OTP can be decrypted and read only by the PortalGuard server, and it severely limits the amount
of time the OTP is valid if it were to be somehow compromised. With
the TTT plugin installed, authenticating on a machine that passes a set of risk-based criteria
requires just the users' password, nothing more than a standard OWA login, despite that a secure
two-factor authentication is actually taking place.
"For many, the importance of locking down your webmail access appears to be overlooked," Hoey
continues. "Others are certainly actively securing their OWA logins, through SSL, or hiding them
behind reverse proxies, which are all partial answers. The fact of the matter is: multi-factor
authentication is the only solution that addresses the issue of it being a weakest link in its
entirety."
The full version of the PortalGuard authentication platform software is available for $7,500 USD per
installation, and comes with a 90 day money back guarantee. A trial version of PortalGuard is also
available. For details, please visit the company website (www.portalguard.com).
Copyright 2009 - 2013 PistolStar, Inc. All Rights Reserved