SYS-CON MEDIA Authors: Scott Bampton, Greg Ness, Elizabeth White, Glenn Rossman, Pat Romanski

News Feed Item

PortalGuard's Five Layer Authentication Offers Quintessential Solutions for the Worsening Webmail Vulnerability Crisis

AMHERST, NH -- (Marketwire) -- 01/31/13 -- The PortalGuard platform's layered authentication approach adds protection which is crucial in defending Outlook Web App (OWA) against attacks, an often overlooked and critically weak focal point for illegitimate access to most any corporate network, with minimal tradeoff between security and usability.

Through providing a variety of two-factor authentication methods for logins, the PortalGuard platform effectively alleviates the threat of compromised webmail credentials, greatly enhancing and securing OWA's native simple password authentication. In addition, the platform presents options for enhancing the authentication for self-service password reset, eliminating the compromise between allowing user self-service and softening security.

"It is very clear that in an unprecedented number of accounts involving the compromise of corporate infrastructure in recent years, access to employee email accounts were a primary factor," says Thomas Hoey, founder and CEO of PortalGuard, a company whose principals have always centered on providing companies with low-risk, robust functionality, and dedicated customer service, all while maintaining usability at an affordable price point. "Webmail access is sought after by hackers for an overwhelming number of reasons. An email account contains a wealth of data that can be easily leveraged for further takeover of the individuals or company's assets or services," Hoey says. "Everything from password reset links, sensitive corporate information, and all of your personal data is there as well, to be waded through for answers to password recovery questions. It's in essence an archive with everywhere you've been and everything you've done online, making it the perfect place to initiate any sort of attack. Most OWA logins are publicly available and typically secured with the simplest lock available: a basic password."

To hearken to the theme of usability, PortalGuard also offers completely transparent One-time Password (OTP) delivery methods to achieve its two-factor authentication in addition to the traditional, tangible type. Through use of its Transparent Tokenless Toolbar (TTT) browser plugin, the enhanced protection of two-factor authentication is combined with utmost usability, when a user is able to submit a full-fledged two-factor authentication without the need of a phone, hard-token, or anything the user has besides their laptop. The TTT automatically generates time based OTPs (TOTPs) on a regular interval, as well as encrypts the OTP value with public key cryptography. This ensures that the OTP is only able to be decrypted and read by the PortalGuard server, as well as severely limits the amount of time the OTP is valid if it were to be somehow compromised. With the TTT plugin installed, authenticating on a machine that passes a set of risk-based criteria requires just the users' password, nothing more than a standard OWA login, despite that a secure two-factor authentication is actually taking place.

"For many, the importance of locking down your webmail access appears to be overlooked," Hoey continues, "Others are certainly actively securing their OWA logins, through SSL, or hiding them behind reverse proxies, which are all partial answers. The fact of the matter is: multi-factor authentication is the only solution that addresses the issue of it being a weakest link in its entirety."

The full version of the PortalGuard authentication platform software is available for $7,500 USD per installation, and comes with a 90 day money back guarantee. A trial version of PortalGuard is also available. For details, please visit the company website (www.portalguard.com).

Add to Digg Bookmark with del.icio.us Add to Newsvine

Kimberly Johnson
Email Contact
PO Box 1226
Amherst NH, 03031
603.547.1200

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
The 4th International DevOps Summit, co-located with16th International Cloud Expo – being held June 9-11, 2015, at the Javits Center in New York City, NY – announces that its Call for Papers is now open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and ...
We live in a time when seconds – even milliseconds – can have a dramatic economic impact on your company’s future. With technology being the primary conduit for consumer interaction, the user experience is at center stage. User experience will be a deciding factor in separating the future winners from the losers. By building more speed and agility into the application delivery process, DevOps prom...
When an enterprise builds a hybrid IaaS cloud connecting its data center to one or more public clouds, security is often a major topic along with the other challenges involved. Security is closely intertwined with the networking choices made for the hybrid cloud. Traditional networking approaches for building a hybrid cloud try to kludge together the enterprise infrastructure with the public clou...
Ixia develops amazing products so its customers can connect the world. Ixia helps its customers provide an always-on user experience through fast, secure delivery of dynamic connected technologies and services. Through actionable insights that accelerate and secure application and service delivery, Ixia's customers benefit from faster time to market, optimized application performance and higher-qu...
SYS-CON Events announced today that Stratogent will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Stratogent is a custom managed services organization based in San Mateo, California. We design, implement, and support mission critical infrastructure 24x7 on premises, in datacenters and in t...
SYS-CON Events announced today that Grid Dynamics, the leading provider of scalable eCommerce technology solutions, will exhibit at DevOps Summit Silicon Valley, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Grid Dynamics is a leading provider of open, scalable, next-generation commerce technology solutions for Tier 1 retail. Grid Dynamics h...
SYS-CON Events announced today that Harbinger Systems will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Harbinger Systems is a global company providing software technology services. Since 1990, Harbinger has developed a strong customer base worldwide. Its customers include software product...
SYS-CON Events announces a new pavilion on the Cloud Expo floor where WebRTC converges with the Internet of Things. Pavilion will showcase WebRTC and the Internet of Things. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices--co...
The only place to be June 9-11 is Cloud Expo & @ThingsExpo 2015 East at the Javits Center in New York City. Join us there as delegates from all over the world come to listen to and engage with speakers & sponsors from the leading Cloud Computing, IoT & Big Data companies. Cloud Expo & @ThingsExpo are the leading events covering the booming market of Cloud Computing, IoT & Big Data for the enterp...
Docker offers a new, lightweight approach to application portability. Applications are shipped using a common container format and managed with a high-level API. Their processes run within isolated namespaces that abstract the operating environment independently of the distribution, versions, network setup, and other details of this environment. This "containerization" has often been nicknamed "th...