About Us

IS Decision’s UserLock enables Secure Access to Microsoft 365

IS Decision’s UserLock, the leading access control platform for on-premises and hybrid Active Directory (AD) systems, now supports single sign-on (SSO) with multi-factor authentication (MFA) utilizing current on-premises AD identities, allowing secure access to Microsoft 365 and cloud services.

To do business, today’s contemporary hybrid corporation relies on Active Directory and the cloud. With the advent of remote work, IT departments must simplify safe access to the corporate network and the cloud for both distant and on-site connections.

According to François Amigorena, President & CEO of IS Decisions, changes in user access requirements have resulted in new security concerns, which can lead to organizations adopting difficult, costly, or disruptive modifications. Organizations may benefit from an easy-to-use, non-disruptive, and cost-effective SSO solution with UserLock, which utilizes their existing Active Directory investment to protect employee access to the corporate network and cloud services, no matter where they work.

UserLock SSO supports the SAML 2.0 protocol for federated authentication of cloud apps and can be installed in minutes on a normal Windows server. To access all cloud resources, each user only needs to log in once with their existing AD credentials (and a second factor, if necessary).

Mission Secure and XONA partners to offer zero-trust OT cybersecurity solutions to industries relying on remote operations capacity

Mission Secure, the world’s leading Industrial control (ICS) cybersecurity tech firm, announced a strategic partnership with XONA, the developer of a zero-trust user access solution for remote industrial operations, to provide more comprehensive and integrated operational technology (OT) cybersecurity solutions across several industries.

Remote operations capability is becoming extremely important in a pandemic-affected operational landscape for sustaining resiliency, enhancing efficiency, and accomplishing corporate goals. However, as IT and OT systems converge, businesses are exposed to cybersecurity vulnerabilities that standard IT security solutions can’t address. In order to protect essential infrastructure and business data from malicious attackers, organizations need OT-specific cybersecurity features.

In the defence, critical infrastructure, and process industries, Mission Secure offers comprehensive OT security solutions. This partnership improves their security by bringing a zero-trust user access layer to their product offerings, which include integrated closed-loop multi-factor authentication (MFA), browser-based virtual desktop infrastructure (VDI), moderated secure file transfer, system connection segmentation and monitoring, protocol isolation, and deep user access forensics, all offered through a single platform.

“Mission Secure is proud to bring XONA’s ‘best-in-class’ solution to our customers Our OT/ICS customers often face challenges with remote access, but the XONA technology adds an important feature set to our Platform-as-a-Service that will bridge the gap between cyber protection and operational efficiency. That’s especially important now as threat actors increasingly turn their attention to vulnerabilities in OT/ICS to avoid the increased security in IT infrastructures,” said John K. Adams, Mission Secure’s CEO.

“Simple to deploy, zero-trust user access empowers companies to embrace OT remote operations capacity without compromising cybersecurity. As ransomware and other cybersecurity threats increase in scope, frequency and severity, it’s critical that companies fortify their remote operations to account for a shifting threat landscape. We’re excited to partner with Mission Secure to deliver just those necessary capabilities,” said XONA CEO, Bill Moore.

Together Mission Secure and XONA will offer a comprehensive cybersecurity solution that protects companies as they embrace remote operations.

Stytch raised $30M for an API-first passwordless authentication platform

Stytch has raised $30 million in Series A fundraising led by Thrive, with participation from Coatue, Benchmark and existing investors, Benchmark and Index. Gaurav Ahuja of Thrive and Benchmark’s Chetan Puttagunta have joined as board of directors. Matthew Prince, Cassidy Williams, Neha Narkhede, and Joshua Browder are among the new angel investors on board.

They saw passwords firsthand at Plaid, both in terms of security and usability. They saw how easily people gave up when the authentication procedure became too difficult and easy passwords left users vulnerable to account takeover attacks.

Authentication, which underpins all of our online interactions, has been stuck in the 1990s despite the fact that user experience and security have both improved over the last few decades.

That’s why Stytch was created – to make the next generation of authentication passwordless.

They believe in developing tools and infrastructure that allow integrating authentication into apps and websites easier, faster, and safer. By adopting passwordless technologies, they’re making it simple to upgrade users’ authentication flows and provide exceptional user experiences.

Alternative authentication techniques have risen in popularity in recent years, utilising developments in both hardware (e.g. biometrics, YubiKey) and software (e.g. APIs for programmatic text + email), paving the way for a password-free future. However, developing a reliable new authentication system is a major job, requiring organisations to dedicate entire teams to the task. They see this as a huge opportunity to assist developers transition to a new era of authentication, where they can use simple APIs and SDKs to incorporate passwordless authentication solutions.

More than 350 developers are already using the Stytch platform to design user onboarding and login flows that include email magic links, SMS and WhatsApp passcodes, and one-click user invitations. They said that they have seen enterprises of all sizes drawn to the straightforward developer experience and flexibility given by their API-first strategy, including a handful of Fortune 500 companies who use the platform.

With the new funding, they want to introduce a variety of new authentication options to the platform, including mobile biometrics, WebAuthn, OAuth logins, QR codes, and push notification login. They are also beefing up the user infrastructure features that make Stytch the easiest and most frictionless method to onboard and engage users, such as session management, account recovery, and more effective fraud detection.

Paubox Launched Zero Trust Email Security

Paubox, the leader in HIPAA-compliant email, has announced Zero Trust Email, a new addition to the Paubox Email Suite. Zero Trust Email is the first and only solution of its type, designed to help healthcare institutions protect sensitive data and Protected Health Information (PHI) against cyber-attacks.

Because more than 93 percent of healthcare businesses have had at least one security breach in the last three years, a solution to counteract phishing assaults that infiltrate email security systems was critical. Attackers are creating accounts on GoDaddy, AWS, and Mailgun servers, which are all controlled by American infrastructure corporations. This enables these thieves to bypass spam and malware detection software used by the sector. Paubox responded by launching Zero Trust Email.

Hoala Greevy, Founder CEO of Paubox said “A core tenet of Zero Trust security is multi-factor authentication (MFA). While most of us associate MFA with text messages or authenticator apps, there is a broader definition. MFA simply means more than one piece of evidence is required to authenticate a user. As it relates to Zero Trust Email, we built a system whereby an additional piece of evidence from the sender’s mail server is required before it passes our Inbound Security checks. The additional evidence is determined by an Artificial Intelligence (AI) algorithm we created. In effect, we are incorporating email AI into the core of Paubox. Healthcare continues to be a primary target for cybersecurity attacks. This extra layer of verification is critical to keeping bad actors at bay.”

Identity and Access Management – All You Need to Know

Identity and access management (IAM) is a set of rules implemented using technical solution so that validated users in an organization are granted appropriate level of access to the required resources. IAM is a framework, which manages access to enterprise resources.

Identity – An identity is label or token which is used to recognize user. It is creation, modification and deletion of identities.
Authentication – It is process of verifying whether the user is who he/she claims to be.
Authorization (user access) – It is a process to determine whether an authenticated user is permitted to access a specific resource.
In today’s changing world, IAM is critical. The ongoing process of controlling who has access to what information plays vital role. IAM is responsible for the management of users’ (employee or client) identities. In sharing of data and information, secure user access is critical. Furthermore, electronic data is becoming increasingly important to most businesses. As a result, access control must meet increasingly stringent criteria – a problem that is often addressed by implementing strong authentication. Identity and access are two crucial concepts in IAM that must be handled by an organization. Companies are increasingly dependent on digital tools to do these tasks.

Some Noteworthy Features of IAM are –

  • Centralized Directory service – It is one of the fundamental building blocks of IAM solution. A directory service is a centralized database of information that is structured and defined by a unique identifier. It makes the identity storage and verification process seamless across multiple platforms.
  • User Life cycle – IAM creates life cycles of employees and clients of an organization based on their behaviour patterns and access rules defined. It helps to detect threats.
  • Single Sign-On – IAM solutions support SSO. Single Sign-On (SSO) with a single set of credentials allows employees or clients of an organization to access multiple applications quickly. It eliminates the need to remember several sets of passwords making it more user friendly.
  • Scalable and Flexible – IAM solutions are able to scale up and down efficiently as per the requirement of an enterprise firm. They are scalable enough to manage the need of small firms with less than 100 user or large organizations with millions of users. IAM solutions give companies choice of deployment either on-premise servers or cloud with configuration changes.
  • Multi-Factor Authentication – Multi-Factor Authentication systems use two or more methods to verify the user’s identity. It uses information like biometrics, location, OTP to confirm the user’s identity. Organizations use advanced MFA to protect their employee or client’s connections to corporate networks or cloud applications. MFA greatly reduces the risk of a security breach, and confidential data is kept secure.
  • IAM control – Administrators can authorize who can work on specific resources using Identity and Access Management (IAM), giving them complete control and visibility of the company’s cloud resources. IAM offers a cohesive vision of security policies across the entire company, with built-in auditing to simplify compliance procedures for businesses with diverse corporate networks. IAM gives administrators the ability to grant fine-grained access to cloud services.
  • Government Law – State and Central government laws in various countries require companies who work with Personal or Identity-related information like financial information to use secure and robust Identity and access management solutions. In crucial sectors like banks, it is mandated by law to meet certain compliance guidelines.
  • Security – The beauty of the IAM system is its ability to show you what threats your company is facing. It detects and raises alert if the user’s behaviour deviates from usual activity. e.g. an attempt to access unauthorized resource or login from a different location. IAM takes action like account locking for failed login attempts. To make this possible IAM tools use big data analytics based on key metrics to manage.

Identity and Access Management solutions are used by all organizations. It is difficult to imagine an organization without an IAM Solution. With increasing number of devices, applications and users IAM software have great future with growing a market.