AuthShield: information security solution provider for the banking sector in India

AuthShield is a pioneer in providing information security solutions to businesses of different kinds. Innovative features and convenient services are two important aspects of this company.

Published in: Technology

  1. INFORMATION SECURITY: “The threats from within are increasing on a daily basis. 78% of all information security breaches happen internally”
  2. WELCOME TO – GREATER MUMBAI BANK (slide footer: 05/26/15, Private and Confidential - INNEFU LABS)
  3. PRESENTATION FORMAT
     • Current Architecture
     • Secure Architecture - INNEFU’s AuthShield
  5. CURRENT ASSETS
     • E-mail servers
     • Database servers
     • Core Banking Application / Application Servers
     • Intranet Applications
     • Web Applications
  6. CURRENT ARCHITECTURE
     • Disparate architecture
     • Servers on public IPs
     • No single sign-on
     • No DMZ
     • No multifactor authentication
  7. INFORMATION SECURITY - CURRENT
     • Anti-virus
     • Firewall
     • Unified Threat Management
     • People and processes:
       • Security policy
       • Processes to connect to the Internet
       • No authorization for pen drives, CDs, laptops, etc.
  8. INFORMATION SECURITY
     • Single sign-on, authentication and authorization: OpenLDAP / AD integrated with RADIUS
     • Virtual Private Network for critical third-party applications
     • Multifactor authentication for:
       • Net banking
       • Core banking applications
       • Third-party applications
     • Technical audit: vulnerability assessment and penetration testing
  9. SINGLE SIGN ON
  10. ADVANTAGES
     • User only has to remember a single password instead of multiple complex passwords
     • Reduces time spent re-entering passwords for the same identity
     • Increases security: users select stronger passwords, since the need for multiple passwords and change synchronization is avoided
     • Security on all levels of entry/exit/access to systems without the inconvenience of re-prompting users
  11. RADIUS SERVER
  12. ADVANTAGES
     • Client-server architecture
     • Once the user is authenticated, the client provides the user with access to appropriate network services
     • The Authentication Request is sent over the network from the RADIUS client to the RADIUS server
     • If the user name and password are correct, the server sends an Authentication Acknowledgment that includes information on the user's network system and service requirements
  13. VPN FOR THIRD PARTY APPLICATIONS
  14. CONTD.
  15. ADVANTAGES
     • Extended connections across multiple geographic locations without using a leased line
     • Improved security for exchanging data
     • Flexibility for remote offices and employees to use the business intranet over an existing Internet connection as if they're directly connected to the network
     • Savings in time and expense for employees to commute if they work from home
     • Improved productivity for remote employees
  16. MULTIFACTOR AUTHENTICATION (diagram label: Point of Attack)
  17. IDENTITY THEFT
     • Fastest growing white collar crime
     • 11 Million Americans affected in 2010-2011
       • 900,000 new victims each year
       • Cost to businesses more than $50 billion
       • Cost per incident to company $6,383
     • Hours spent per victim resolving the problem as shown by identity theft statistics: 30
     • Irreparable loss to Company’s Brand/Image
     • Loss of Clientele
  19. POINT OF ATTACK
     • Customers
     • Vendors
     • Development Team
     • Power Users/Key Users/Super Users
     • Agents
     • End Users
     • Employees…
  20. METHODS OF ATTACK
     • Phishing
     • Viruses, Trojans, worms inside the company’s architecture or personal computers of users
     • LAN attacks – remote sniffing
     • Web vulnerabilities including SQL injection, XSS attacks and cookie capturing
  21. ASSETS
     • Web Application
     • Application Servers
     • VPN/SSL
     • Intranet Applications
     • Database Servers
     • Local LAN / WiFi
  22. MFID – MULTIFACTOR AUTHENTICATION
     • Map the physical identity of the user to the server
     • Identify the user based on:
       • Something he knows (user name / password)
       • Something in the user's possession
  23. INNEFU’S AUTHSHIELD
     • Multifactor authentication system which uses either of the three authentication mechanisms:
       • Soft Token
       • Hard Token
       • Mobile Token
       • E-Token
  24. HARD TOKEN – IDENTIFYING THE USER ON THE BASIS OF HIS KEY
  25. PROTECT VPN AND CUSTOM MADE APPLICATIONS
     • Security device given to authorized users
     • The device displays a changing number that is typed in as a password
     • The password is based on a predefined unbreakable randomized algorithm
     • Every time the user accesses a critical IT asset, the randomly generated number is matched with the server to verify the user's credentials
  26. SOFT TOKEN – IDENTIFYING THE USER ON THE BASIS OF HIS PHONE NUMBER
  27. MOBILE TOKEN – GENERATING TOKEN VIA MOBILE PHONES
     Innefu BlackBerry AuthShield for Web Clients (flow diagram):
     1) User accesses the token generation application on his BB device
     2) Request sent to BES
     3) Request forwarded to IAS
     4) Token generated
     5) Credentials entered
     6) Access
     Diagram labels: BES, IAS, IAS & AD, Web Client – UN+PWD+TOKEN
  28. PROTECT INTERNET BANKING
     • The OTP is sent either via SMS or the OTP is generated by the smart phone itself
     • The user uses the OTP to log into any web application or intranet application
     • Works on all smart phones with GPRS enabled
     • The system does not depend on the memory or the processor usage of the phones
  29. FEATURES
     • OS-independent authentication mechanism
     • Seamless integration with the current business and security architecture
     • Works as a stand-alone authentication mechanism or in connection with:
       • Microsoft AD
       • Firewall
       • VPN
       • Wi-Fi
       • Terminal services etc.
  30. CONTD.
     • Increases the log-on security for critical applications
     • Unbreakable encryption on the lines of those used by US Government
     • Prevent identity theft by up to 99%
  31. CONTD.
     • All logs are stored in a secured database (completely encrypted) for future analysis
     • Date and Time
     • User
     • Time Gap
     • Access to logs only available to Admin team
     • Privileges assigned to every user
     • IP address of the user
  32. TECHNICAL AUDIT
     • Vulnerability assessment and penetration testing
     • Internal audit – test all the IT assets of the organization with login privileges
     • External audit – test all the IT assets of the organization without login privileges
     • Identify all vulnerabilities
     • Penetration tests to remove false positives
  33. THANK YOU. QUESTIONS WELCOME. AUTH-SHIELD LABS PVT. LTD, http://auth-shield.com/, +91-11-47065864 / 66, contact@auth-shield.com
