Cyber Threats or Cyber Attacks are now becoming more complicated and more difficult to defend. The attacks may cause slow-down of the whole network, or may cause the confidential data leakage to outside of the organization. It is very difficult to implement 100% protection from all threats, so it is important for an organization to have a security policy so that security solutions to protect Cyber Attacks can be implemented according to their priorities.
In 2001, Thailand announced the first Cyber-related law, which defines all of electronics transactions, so that all stakeholders have the same understandings. Due to the increase in Cyber-crime, an additional Cyber-related law was announced in 2007, which enforces both Internet users and providers. Based on these 2 laws and ISO/IEC 27001: 2005, Cyber-related crime act (CRCA) law was finalized and announced in 2010, and all organizations (including private & public sectors) in Thailand must comply to this law.
Gateway security solutions protect threats or attacks coming into the organization from Internet. Attacks come mainly from two types of traffic – E-mail and web.
There are many E-mail security solutions and platforms which are normally implemented to protect attacks coming from E-mail traffic
Factors such as number of E-mail users, compatibility with E-mail software, ease of use, and budget, must be taken into consideration when selecting an appropriate solution for an organization.
The main purpose of web security solutions include not only protecting attacks coming from in-coming web traffic but also protecting users from inappropriate use of Internet, or forcing users to comply the organization’s web access policy. There are many web security solutions and platforms, widely implemented nowadays.
Factors such as number of web users, compatibility to enforce web access policy for end-users, ease of use, and budget, must be taken into consideration when selecting an appropriate solution for an organization
NAC is a solution that restricts access to the network based on identity or security posture. When network devices are configured for NAC, they can force user or machine authentication prior to granting access to the network. In addition, guest access can be granted to a quarantine area for remediation of any problems that may have caused authentication failure. A typical (non-free) Wi-Fi connection is a form of NAC, the user must present some sort of credentials before being granted access to the network
There are many NAC solutions, the legacy NAC controls users via network devices, it is normally required the re-configuration of existing network devices, so it takes both time and effort for the legacy NAC implementation. A newer approach NAC appliance-based solution can give real-time visibility to users, devices, operating systems and applications that are connected to the network without any need for re-configuration. It incorporates a comprehensive, high performance host interrogation engine and provides an abundance of information about what is on that network, and also provides an extensive range of automated controls that preserve the user experience and keep businesses running to the maximum extent possible.
Attacks can come to clients from two ways – coming from Gateway, in which the Gateway Security cannot protect, and coming directly from accessories that connect to the clients such as USB devices, CD/DVD, etc. Many endpoint security solutions protect not only threats or attacks to clients, but also the organization’s confidential data from leaking to outside.
More and more organizations have been migrating their physical systems to virtual systems, using virtualization solutions. Virtual systems may be located on-premise, on Cloud, or both (hybrid environment), so security becomes more important for virtual environment. Although security solutions for physical environment can also be applied for virtual environment, but since virtual systems are built based on the optimized use of system resources, security solutions for virtual environment should not only protect attacks effectively, but also use system resources effectively.
(SIEM) is a term for software products and services combining security information management (SIM) and security event management (SEM). SIEM technology provides real-time analysis of security alerts generated by network devices and software applications. SIEM is sold as software, appliances or managed services, and are also used to log security data and generate reports for compliance purposes. SIEM solutions can help customers to identify and prioritize security threats, organize and track incident response activities, and simplify audit and compliance activities.
How did you know that your user ID and password are secured to logon into system?
We have solution to authenticate user logon into the system that supports several devices such as biometric and non-biometric authentication units. It supports to do Single-sign-on (SSO) with your web application and windows application.
SecureSuite V (SSV)is an authentication software. It can support 5 categories of authentication unit.
1. Finger Vein
3. IC Card
4. One Time Password (OTP/Token)
SSV support to do Single-Sign-On (SSO) for Web Application and Windows Application
SSV operates with Microsoft Active Directory that we can use SSV console to do everything as well as Microsoft Active Directory Users and Computers console. Furthermore, we can define users to do authenticate with several authentication units (Multi-Factor Authentication) to authentication into system.Additional, SSV keeps log every transaction that user logon into the system and we can filter in the period that you want.
SSV operates in multi-environment that synchronize with Microsoft Active Directory. For example,
Mofiria: Finger Vein Authentication unit, is a scanning finger vein device. It has a method that specifies an individual using the vein pattern inside one's fingers.Mofiria has many models that easy to carry everywhere.
Mofiria adopt a unique reflective dispersion method, which near-infrared lights emitted from LED is reflected inside the finger, and the vein pattern image is captured by a CMOS sensor.
Since deoxyhemoglobin in the blood absorbs near-infrared lights, vein patterns appear as a series of dark lines. The near-infrared lights combined with a special camera capture an image of the finger vein patterns. The image is then converted into pattern data and stored as a template of a person's biometric authentication data. During authenticationby SSV, the finger vein image is captured and compared against the stored template of the user or stored it into the SSV database.