Secfense Use Cases After 15-months in Business

Secfense meta 2a

The end of the beginning

Secfense has been founded in March 2018.

This means that by the time of writing this article we’ve just turned 15 months.

Since we’re pretty sentimental guys we thought it’s a good moment to look back and see what we have learned and accomplished during this time.

Secfense Use Cases

So without further ado, let me focus on what’s most interesting – use cases.

During these last 15 months, we started working with, did a POC (proof of concept) or conducted a demo for companies from industries such as:

  • Financial services
  • Healthcare
  • Transportation
  • Services
  • Utilities
  • E-commerce
  • Telecommunications
  • And various technology vendors, distributors, and resellers

This article describes some of the most interesting use cases where Secfense User Access Security Broker can do a great job and bring real value for companies from the above-mentioned industries.

Use Case 1: Banks with strong authentication already in place

One of the first industries that we have decided to approach was the banking and financial services sector. This industry is a leader in cyber-attacks performed on individuals and end-users.

Phishing emails inviting a person to click and type in banking details is now a sad standard. One survey conducted in 2018 claims that one in 61 emails in your inbox contains a malicious link. Banks obviously are well aware of it and that’s also a reason why the banking industry is without doubt best protected against phishing and credential theft.

While talking to corporate banks, commercial banks, and cooperative banks we have been confronted with various complex and advanced security policies.

While many of our customers have two-factor authentication (2FA) or SSL VPN already in place they still found our solution useful thanks to its one critical characteristic – scalability.

Having a two-factor authentication mechanism already in place doesn’t mean that there’s nothing we can do to help banks with cyber threats. On the contrary.

Secfense makes it possible to easily scale strong authentication mechanisms on any business application within an organization. The deployment takes just minutes and does not require any software development work.  

So banks that have 2FA (two-factor authentication) already in place are the ones that can benefit from our help much faster than other companies.

Their employees and customers have already adopted the technology, and they know how to use strong authentication mechanisms. So it’s only a matter of scaling it to more applications, no additional training and a complicated onboarding process are necessary.

The learning phase goes smoothly, and the level of security rises rapidly. More about our offer for the financial services.

Use Case 2: Cooperative banks and PSD2 directive.

Another use case for banks is related to a thing called PSD2 which stands for The Revised Payment Services Directive. To be more detailed, the part of PSD2 talks about the need for businesses to provide Strong Customer Authentication (SCA) for e-commerce payments.

Until recently, strong authentication was a choice. Big commercial banks with big budgets were able to introduce strong authentication years ago. Smaller banks, for example, cooperative banks, were confronted with a big technological challenge that they had to address somehow.

After some demo sessions that we performed for a couple of local cooperative banks, we have realized that there’s a huge potential for these banks to save time and money and quickly adjust to the PSD2 directive by introducing Secfense. As required by the directive, a Strong Customer Authentication solution that comes in the form of physical or virtual appliances and can be introduced in hours can save time and money that small banks simply don’t have.

There are niches that standard cybersecurity solutions simply can’t cover. Strong SSO authentication is difficult to implement using standard market solutions, and for example, in the banking sector, this is still a big challenge.

Use Case 3: Many employees, one workstation

This use case has been introduced to us by a big international financial services company.

Like many big corporations, they need to manage thousands of employees in hundreds of locations and ensure that they have safe access to the company’s financial applications online.

The challenge that they decided to discuss with us was pretty interesting.

The company wanted to ‘bless’ only specific workstations in specific offices so various employees work on them. Something like a master key that hangs on a wall in the office and allows many employees to use it to access a workstation.

Introducing U2F security keys to the specific app would not solve the problem in this particular scenario. The security key is allowed each time for the user login process, making it, in fact, a trusted location. The goal, however, was to make it possible for the user to log in only from this specific physical location. At the same time when the person would intend to log in from elsewhere, that would not be possible.

After some thinking, we came to the conclusion that the best way to approach it was through Secfense microauthorizations in a supervisor mode. To read more about microauthorizations, go here.  

Use Case 4: Business Intelligence and Employee Performance

While previous use cases are something that we have actually been thinking to address while building Secfense, I must admit that this use case was something that none of us have ever thought about.

When talking to one big insurance company one of the people responsible for business development pointed out that our authentication mechanisms can serve well in supervising, monitoring, and registering people’s behaviors within the application.

The case was as follows. The group of salespeople within the company have figured out a way to cheat the commission & reward system. A salesperson had to achieve a particular level of sales to be qualified to receive a commission. Some clever salespeople have realized that if they can’t reach that level on their own, they can move some part of their sales to a friend (that will in this way sell much more) and then split the commission between them. One salesperson was simply sharing his login and username with a friend so that the other person could add their part of sales deals to the CRM.

The company was aware of this but hasn’t been able to track down which salespeople have been doing that and how often. The goal here was not to fire these salespeople (because there was a suspicion that it’s a phenomenon mostly practiced by salespeople that are pretty effective anyway) but rather to gain some business intelligence and learn how to motivate employees in a clearer, more efficient, and more transparent way.

The second factor of authentication, in this case, would not potentially be sufficient because since it’s done by a salesperson’s consent, that salesperson would share a second factor (security key or an OTP code) in the same way that has previously shared a user name and password.

The way that Secfense goes around that is by introducing microauthorizations. This basically means that a person working in the CRM would need to use a second factor every single time when adding a new contract to the system. Microauthorizations allow an application admin to add additional steps of authorization on any step of a user journey within the app. Also, along with the authorization, data about the user’s environment are collected, which enables capturing patterns of behavior related to cheating the system.

Use Case 5: Trusted devices.

One of the New York-based medical centers wanted to expand their preferred method of two-factor that they have already been using. Their 2FA of choice was Microsoft Authenticator and they have already been using them with some users on some apps. The challenge here was related to UX (user experience).

The hospital wanted to allow its users to add their company laptops and stationary computers to trusted devices so it’s not necessary to re-authenticate with the second factor every time employees were actually accessing their resources.

That was a feature that we had on our roadmap and one month after our discovery call we were able to fulfill our customer’s needs and enable a trusted devices mechanism as one of the features.  

To learn more about our offer for the healthcare industry please visit this link.

Use Case 6: Windows Hello, SSL VPN, OWA (Outlook Web Access)…

There are more and more use cases that we discover every day by talking to our customers. Just recently we figured out:

  • how to take advantage of Windows Hello biometric authentication to protect business apps
  • how to enhance the safety of SSL VPN in the organization
  • how to protect business OWA (Outlook Web Access) with two-factor mechanisms

Schedule a discovery call with us here and see if we can help with your data security challenge.

Antoni takes care of all the marketing content that comes from Secfense. Read More

Testimonials

We are faced with new challenges every day. We must always be one step ahead of the attackers and know what they are going to do before they do it. We are convinced that the User Access Security Broker will bring security to a new level, both for those working at the office and from home. For us, working with Secfense is an opportunity to exchange experience with developers who put great value on out-of-the-box thinking.

Krzysztof Słotwiński

Business Continuity and Computer Security Officer

BNP Paribas Bank Poland

As part of the pre-implementation analysis, we verified that users utilize a wide range of client platforms: desktop computers, laptops, tablets, smartphones, and traditional mobile phones. Each of these devices differs in technological advancement, features, and level of security. Because of this, and also due to the recommendation of the Polish Financial Supervision Authority (UKNF), we decided to introduce additional protection in the form of multi-factor authentication mechanisms based on FIDO. As a result, users of our applications can log in safely, avoiding common cyber threats such as phishing, account takeover, and theft of their own and their clients’ data.

Marcin Bobruk

CEO

Sandis

We are excited to partner with Secfense to enhance our user access security for our web apps. By integrating their User Access Security Broker, we ensure seamless and secure protection for our applications and systems, delivering superior security and convenience to our customers.

Charm Abeywardana

IT & Infrastructure

Visium Networks

Before investing in Secfense, we had the opportunity to talk to its existing clients. Their reactions were unanimous: wow, it’s so easy to use. We were particularly impressed by the fact that implementing their solution does not require the involvement of IT developers. It gives Secfense a huge advantage over the competition, and at the same time opens the door to potential customers who so far were afraid of changes related to the implementation of multi-factor authentication solutions.

Mateusz Bodio

Managing Director

RKKVC

Even when the network and infrastructure are secured enough, social engineering and passwords can be used to gain control of the system by attackers. Multifactor authentication is the current trend. Secfense addresses this and allows you to build zero trust security and upgrade your current systems to passwordless applications within minutes, solving this problem right away,” said Eduard Kučera, Partner at Presto Ventures and cybersecurity expert – former Director in hugely successful Czech multinational cyber security firm Avast.

Eduard Kučera

Partner

Presto Ventures

One of the biggest challenges the world is facing today is securing our identity online. That’s why we were so keen to have Secfense in our portfolio. They make it possible to introduce strong authentication in an automated way. Until now, organizations had to selectively protect applications because the deployment of new technology was very hard, or even impossible. With Secfense, the implementation of multi-factor authentication is no longer a problem, and all organizations can use the highest standards of authentication security.

Stanislav Ivanov

Founding Partner

Tera Ventures

Two-factor authentication is known to be one of the best ways to protect against phishing; however, its implementation has always been difficult. Secfense helped us solve that problem. With their security broker, we were able to introduce various 2FA methods on our web applications at once.

Dariusz Pitala

Head of IT

MPEC S.A.