Uncategorized Archives

Reinventing Endpoint Cybersecurity for Online Banking

AppGuard for Commercial Bank and Wealth Management Customers

Cybersecurity is a rapidly growing and critical concern for banks and their customers. Financial institution’s customers suffer daily attacks that could result in loss of data, assets, and most importantly, customer confidence and brand reputation. Online banking users are increasingly exposed to new attacks like spear-phishing, keyloggers, password spraying, Ursnif, and more. Some of the largest financial services institutions are investing millions to protect their customers from cyber theft, ransomware, and other forms of attack. The problem? How can they manage outside assets while ensuring customers a safer online banking experience?

Moreover, implementing security practices and providing training is not helping, as there are no checks and balances in place to verify if the customer is abiding by security measures. Banks have no control over how customers are using their systems, therefore are unable to effectively protect them from attacks.

Recent headlines have shown attacks like keylogger are going unnoticed for weeks and, in some cases, even months. Most traditional solutions require a continuous network connection, making it hard for financial institutions to protect their customers at all times. Additionally, a bulky solution affects system speed and performance, encouraging customers to uninstall or deactivate the security solution — opening them up for serious attacks.

Effective Breach Prevention for Unmanaged Devices

AppGuard’s unique patented dynamic endpoint defense prevents all breaches from occurring by disrupting the earliest and subsequent stages of a cyber attack. AppGuard does not require any user interaction or cause CPU degradation. It simply protects the endpoint irrespective of network connection.

Don’t take our word for it – see how AppGuard is protecting large financial institution’s customers since 2017.

Case Study:

Problem: Need to increase online banking adoption rate and create a more secure online banking experience for the enterprise and members.

Solution: Four key benefits that a large financial institute found in the distribution of AppGuard: more secure online banking experience, improved member retention, increased online banking adoption rate, and marketing opportunity to attract new organizations, small businesses and new members.

Why AppGuard? AppGuard offers an additional layer of security to the online banking experience, with better protection for the enterprise and end users. It is a simple, elegant, scalable, and easy to deploy solution. AppGuard has a very small footprint of less than 1MB. It is transparent to the end user and does not interfere with their normal operation.

With AppGuard, this large financial institute was able to achieve these four key benefits:

Offer to online banking members as a thank-you and way to protect their personal PCs.
By having AppGuard on the PCs that connect to it, AppGuard protects their online banking portal, adding another layer of security.
Convince the banking customers that presently do not bank online that they do indeed offer a secure online service. Online banking is more cost effective for banks than having customers use branch services.
Be able to promote/market to associations and individuals to bank with them because of their secure online banking presence.

“Distributing AppGuard to my members secured our online banking and increased membership and usage by quelling their fears.”
~ CIO of the Financial Institute

Summary: The consumer endpoint is under attack and in many cases are the access to portals for malware penetration. The consumer can not afford multiple layers of security or have the expertise for complex applications that larger enterprises might have. AppGuard is the solution that would compliment or support the weakened anti virus solution that is still at present the security for a consumer computer.

AppGuard Benefits

Defeat Emerging Malware — defeats new emerging malware that other approaches cannot stop, such as when malware utilizes existing Windows capabilities and tools for malicious reasons.
Defeat Weaponized Documents — protects endpoints against weaponized document attacks by preventing the execution of malware and ransomware in the first place.
Versatile Defense through Runtime Processes — runtime process protections provide a versatile defense that extends the protection to endpoint processes, server processes, and insider threats.
No Update Ever Needed — does not require constant updates; AppGuard builds lists of known security threats already identified by other sources. Its integrated software-only approach is seamless with all Microsoft Windows platforms, stands alone with no OS hooks, and includes all documented APIs.
No CPU Degradation — carries a light footprint with no processor dependency and minimal system resource requirements. Transparent to the end user, AppGuard creates an efficiency management function that is less resource-intensive than even legacy antivirus platforms.
No User Interaction Required — does not require user interaction once installed. AppGuard does it all for you, completely autonomously.

Want to learn more or experience it before buying? Contact us.

Campus WiFi

Connect Your Students to the World!

The concept of online learning and self-teaching has been widely adopted. With the rising popularity of online courses, students now expect to be able to connect to their educational resources at anytime, anywhere. From online live lectures and webinars to e-Books and other online resources, it’s clear that the Internet has become a powerful teaching tool in education.

Wi-Fi connectivity helps in seamless teaching and learning. The role of wireless campus for the enhancement of teaching learning process is vast. With Wi-Fi access throughout the campus, information is just a click away. The wireless campus also supports everyday activities seamlessly in classroom contexts.

Universities & colleges need a flexible, cost-effective and future-proof network infrastructure that enables students and staff to connect with ease and throughout the whole campus.

Key Challenges in a Campus

Nowadays, institutions compete for students, and campus experience plays a large part in the decision-making process for prospective undergraduates and postgraduates students. Students demand high-quality, reliable Wi-Fi experiences not only in the classroom but also during free time when they’re streaming Netflix, YouTube etc. or accessing online resources. More and more, potential and current students judge the quality of a university by its wireless network, and an under performing Wi-Fi network can impact the institution’s bottom line.

For university CIOs and their IT staff, the design and upkeep of campus Wi-Fi networks was once a moderately straightforward undertaking. Today, however, situation is totally different. Campuses are now facing key challenges:

I. A larger user base is trying to connect

There are masses of users (students, Faculty members & guests) trying to connect to College Wi-Fi and most of them have at least two devices that they want to connect. With demands like that across campuses, colleges need to take steps to ensure that students are able to access what they need for education and entertainment.

If your institution isn’t accounting for this vast user base and its ramifications in terms of bandwidth, coverage and security, you can bet that students and staff are experiencing problems with your network.

II. Bandwidth management

One of the biggest challenges that most campuses deal with are issues surrounding bandwidth. Some users consume all the bandwidth and other are left with no connection or poor connectivity. In order to keep up with your users expectations & demands, location based access restrictions for students and other similar policy controls are some of the controls that campuses need.

III. Accountability & Content Filtering

Complying with local laws and ensuring objectionable content is blocked is a key requirement of campus networks. There are today thousands of websites linked with terror networks and cybercrime which may adversely impact the student community. With growing security concerns, particularly from unverified visitors in public hotspots, most campus owners are looking for ways to track the network activity of Wi-Fi users. Having logs to investigate cybercrimes is critical for any public hotspot.

IV. BYOD Brings Increased Demand and Challenges

The fact is BYOD puts a heavy strain on a campus’ bandwidth, and dealing with the issue requires more than simply telling users to limit their usage. Does your wireless networking infrastructure enable your IT professionals to have a high level of application visibility and control? Have you developed policies to prioritize different applications and devices accessing the network? If the answer is no, this is a pretty big indicator that your campus Wi-Fi network may be failing and you need to take action now.

V. Your Network Is Unsecure

There’s no room for error when it comes to protecting student and staff information, so it’s crucial to ensure that your campus Wi-Fi network is protected from cyber threats like ransomware and other dangerous intrusions. Securing your wireless network must be a top priority when you’re dealing with hundreds to thousands of users connecting through multiple devices at every moment of the day. If you’re allowing guests to connect to the main network and you’re not ensuring robust protection against intrusions, your campus Wi-Fi network is failing.

VI. Monetize

Campuses often act as an ISP providing paid broadband services to on campus student housing and usage limited monthly plans. Managing the recurrent billing and collection of such services is a key challenge to monetization of services.

VII. Portal & Dashboard

Users also need a Self-service tools to check their network activity, view usage, pay bills and change network passwords.

Inventum’s offering allows your campus to benefit from fast, reliable Internet service. Now, institutions can flexibly connect staff and students with ease, while enjoying peace of mind that access is secure and controlled.

Bandwidth Management — **Inventum All-in-one solution for hotspots**

Inventum’s MSG gateways offer a single-stop solution for campus networks. The all-in-one appliance combines the functions of a router, firewall, NAC, user directory & more in a ready-to-deploy solution. Administrators can directly connect WAN & LAN links to the appliance for end-to-end operations & management of their Wi-Fi networks.

It also offers a built in portal and self care system. All new customers are redirected to a login page where they can first register using forms or a simple mobile number with OTP verification code. Prepay PIN, scratch card, Internet plan purchase using credit card or roaming from aggregators such as iPass are all supported. Returning customers are seamlessly recognised with zero touch access.

It can also set a speed limit per student, limit download volume and ensure fair bandwidth distribution. Built-in firewall secures the network, filtering content and keeping browsing logs for legal compliance.

For end point connectivity, Institutions can also use Inventum’s udaya series of products which are all managed centrally from a public cloud including configuration, monitoring, captive portals, SMS sign-on, payment gateway interfaces and analytics.

Campuses with multiple locations can consider our zero capex cloud solution to get started immediately. The offering includes virtual routers as part of the subscription allowing any server on campus to be used as a gateway router for the hotspot(s). All other elements are managed via the UNIFY™ Cloud platform with no additional on-site hardware required. All you need are Wi-Fi access points to get started!

Key Benefits

Easy setup & management
Easily scalable
Excellent price-to-performance value
Many Models to Choose From

Is your campus Wi-Fi quality affecting your rating? Contact us

Ransomware Attacks Are on the Rise, What Enterprises Can Do to Stop Future Attacks?

Ransomware is “a type of malware that prevents users from accessing their system or personal files and demands payment in order to regain access.” The earliest variants of ransomware were developed in the late 1980s, and payment was to be sent via snail mail. Today, ransomware authors order that payment be sent via cryptocurrency or credit card.

Ransomware is a severe threat not only for individual users but also for corporate network environments because it allows cyber criminals to gain a lot of money in a short amount of time. While some ransomware strains demonstrate strong coding skills and great sophistication, ransomware distribution platforms allow conducting a ransomware campaign without needing to have a developer background. When browsing the dark web, it is not uncommon to find shady websites promoting ransomware-as-a-service platforms. These malicious actors offer, for a fee, the same services a legit cloud provider would, such as development, tech support, customized dashboards, etc., without any need for the attacker to know any programming languages. The cybercriminals running it offer the attackers all they need, including binaries, documentation, detailed instructions and tech support.

Ransomware attacks are often successful because corporate organizations have security gaps with their patch and configuration management policies. Most organizations apply updates and patches only after testing them in a demo environment, which might create a window of opportunity for attackers to successfully exploit a vulnerability that the latest patches would have remediated.

Recent ransomware strains like Ryuk, often delivered through large botnets such as Emotet or TrickBot, have become more sophisticated and lethal. The city of New Orleans was recently forced to declare a state of emergency after a Ryuk ransomware attack took place on December 13, 2019. The infection spread so fast and dramatically that the city was forced to order all employees to power down computers and disconnect from Wi-Fi.

Another recent ransomware attack took down a US Coast Guard base for around 30 hours and was reportedly triggered by an employee who opened an infected email.

Many surely remember the WannaCry ransomware outbreak, which successfully compromised a very large number of computers over a short time frame in May 2017. Not everyone knows, though, that Microsoft had released a patch to fix the underlying SMB vulnerability some months before this widespread infection started occurring, but most individual and corporate users had not applied this patch yet.

Had most Windows users applied the patch earlier, the WannaCry outbreak would have likely been much more contained than it actually was.

*Source: https://www.cyber.nj.gov/threat-profiles/ransomware-variants/ryuk*

Should You Pay the Ransom?

This is a very controversial topic. Government and law enforcement agencies mostly recommend not to pay.

An efficient and secure backup policy can minimize the risks related to a ransomware infection. If backup copies are created regularly and stored securely (including offline), the victim user/organization can have a much better chance to resolve this situation without suffering excessive damages.

However, sometimes the answer to this question cannot be so clear-cut. Much depends on how valuable the information being held for ransom is for the organization and on how much downtime an organization can afford. Even with an efficient and secure backup policy in place (and tested regularly!), there may be situations when an organization cannot afford to lose data or having its servers and workstations down, even for a limited time.

Backups are normally performed on a fixed schedule. A company having a large website, forming the bulk of its business, cannot afford to lose, for example, the transactions finalized over the day, or even over the last hour because it could mean losing millions of dollars. Additionally, if an organization’s business relies on proprietary information and said information is being held for ransom, the organization may seemingly have no other choice but to pay.

However, paying the ransom does not always guarantee that the files held for ransom will actually be decrypted.

Many ransomware attackers will provide the decryption key after receiving the related Bitcoin payment, while others do not. Sometimes a bug or some other technical issue prevents the provided decryption key from working to successfully decrypt all ransomed files. Often the decryption process, even if works, is extremely slow and unreliable.

Whether the attackers and their decryption tools release your files or not, this is definitely a situation your organization does not want to be in.

What Enterprises Can Do to Stop Future Attacks

Use Prevention vs. Detect & Respond Solutions
What good is a cybersecurity solution that detects attacks after they have happened? Or worse, misses the threat completely, like the Dominion
National or AMCA attacks. Utilizing prevention methods that can stop zeroday and other known and unknown advanced attacks is crucial for a robust security framework. A preventative approach will also take the
pressure off IT/Sec-Ops and minimize attacks due to human error.

Arm Employees with Training and the Right Set of Tools
As you noticed from the list of attacks, most attacks occur through online social engineering schemes that manipulate users to open the doors
for hackers. One of the most common examples of this is a fileless attack.
The bottom line is employees can be the first line of defense against such threats. They must learn how to spot phishing schemes, not download
attachments without context, even when sent from an existing contact.

Don’t Assume Your System is Secure; Perform Continuous Threat Monitoring
Develop an understanding of the current threat environment and take appropriate measures to protect yourself from attacks. Evaluate your
existing security solution stack and practices and periodically employ third-party pen testers to do in-depth vulnerability testing. Gain visibility across your environment, so you know what software and systems have weaknesses. Once identified, prioritize the most critical vulnerabilities so you can mitigate those first.

An average organization has more than 200 apps: there are ample opportunities for bad actors to find weaknesses, and that is just the apps IT knows about—shadow IT increases the risk. Gartner estimates a third of successful attacks next year will involve shadow IT. No organization can address all vulnerabilities, even with the best IT teams and technology in place—therefore, a preventive solution is key.

Manage Third-Party Risks
Most companies rely on a variety of vendors, suppliers, and partners—and those relationships bring unwanted exposure to the business. Even with a strong security posture, attackers can simply find the weakest link in the supply chain and use it to gain access. Segment your network and limit third party access to critical infrastructure. Establish security checks and
thresholds for partners and vendors.

Cybersecurity Should Be a Culture, Not a Practice
A strong cybersecurity culture goes beyond employee training and awareness. Everyone in the company—from the board of directors
and C-suite executive leadership to every line employee—should view themselves as a critical part of strong security defense. Board and senior leadership should make cybersecurity a priority. Executive leaders should emphasize a cybersecurity culture of “no-fear” where an employee can raise appropriate alarms if they make a mistake, instead of sweeping it under the rug from the fear of getting fired.

Devise Comprehensive Incident Response Plans
Incident response (IR) should never be treated as an ad-hoc process. Assume that your security parameters are already compromised. Your security team should already have a well-defined methodology and IR playbook that is updated continuously based on new attack vectors that can be quickly implemented to quarantine, block, or eliminate malicious network traffic.

How AppGuard Can Help

Every cybersecurity company talks about how great their products are — that’s how marketing works. But business leaders have noticed that for all the talk about how effective today’s malware detection and response software is, hackers keep finding new ways to breach the data repositories companies spend so much time and effort to protect.

AppGuard is different because our patented technology guards and isolates processes that start from an application, no matter how trustworthy they look. That’s a radically different approach than “detect and respond” cybersecurity strategies. It doesn’t rely on alerting IT or security operations teams so they can check out suspicious activities. AppGuard stops the processes before they can cause harm.

Since we don’t operate in a “detect and respond” model, AppGuard doesn’t require extensive whitelisting, updates or connection to a central server. That means human error and overworked IT/security operations teams don’t contribute to risks for AppGuard users. AppGuard delivers complete endpoint protection on a zero-trust basis.

We’re the only solution that prevents breaches from both known and unknown cyber threats, and in our nine-year history, users have never reported a breach.

AppGuard has endpoint security locked down with products designed for a range of use cases, including:

AppGuard Enterprise, a centrally managed, host-based endpoint protection solution that prevents malware and all advanced attacks from harming the system.
AppGuard Server, a zero-trust, host-based endpoint protection agent for Windows and Linux servers, centrally managed from the same system as agents for laptops and desktops.
AppGuard Solo, a self-managed, zero-trust, host-based endpoint protection agent for laptops and desktops that is ideal for small businesses and non-technical users.
AppGuard TRUSTICA Mobile & IoT, a centrally managed, host-based solution for making employee mobile devices safe to use for the enterprise without intrusive co-administration.

So, if you’re looking for an edge over competitors, take a look at AppGuard’s products. With AppGuard, you can prevent breaches from occurring while focusing on your core strengths. There’s a cybersecurity crisis — let’s not waste it. Use AppGuard to create a safer connected world.

12th India Security Summit – Secure connectivity is need of the hour

The annual 12th India Security Summit held in New Delhi on August 28, 2019 was organized by the Associated Chambers of Commerce and Industry of India (ASSOCHAM), officially supported by the Ministry of Communications & IT, Government of India and created a platform for the Central Ministries, State Governments, Academia, Industry and other global stakeholders to come together and deliberate on the way forward. Theme of the event was “Towards New National Cyber Security Strategy”.

The summit was attended by Union Minister of State for Home Affairs Mr. G. Kishan Reddy other dignitaries including Israeli Ambassador to India Mr. Ron Malka and Minister of State in the PMO Dr. Jitendra Singh, National Cyber Security Coordinator Lt Gen Rajesh Pant and distinguished guests from Indian army, air force, navy and states police.

During the conference, many issues were discussed such as protection of critical national infrastructure, emerging cyber threats, challenges faced by various agencies in the field of cyber security, role of private sector etc.

Inventum has also stressed upon the need for securing national infrastructure and creating a secure society through using indigenous wire and wireless products that includes routers, gateways, access points, user authentication (AAA) etc.

All stakeholders were agreed upon that India needs to strengthen its defence against rising cyber-attacks and also formulate a national strategy for reducing the risk of cybercrimes. Therefore, National Cyber Security Strategy 2020 must address key challenges like ensuring coordination among multiple agencies handling different important cyber-related aspects, promoting awareness among individuals, businesses and the government etc.

At the summit, Inventum has also showcased a range of high speed routers, BNG, WAG, cyber security and Wi-Fi access point products to enables trust mobile data offload to Wi-Fi, packet accounting, lawful logging, control or filter application flows and block specific Internet content.

Inventum Technologies Featured in “20 most promising Smart City Solution providers 2018”

From managing assets and resources to smart monitoring of infrastructure, from enabling smooth city operations to connecting citizens to e-governance, communication networks serve as the very backbone of smart cities. Smart City building is no easy task with the government facing challenges in channelling finances to Smart Cities, building coordination among multiple stakeholders, retrofitting existing cities, and creating utility services to meet the energy demands.

As a result, this segment is now in need of vendors that can bring innovative techniques and technologies to not only tackle these challenges but to also equip smart cities with more potential for energy conservation, operational savings, public safety, and improved resource management.

Perfectly understanding these demands of the industry, CIOReview released a list of “20 Most Promising Smart City Solution Providers.” This catalog encompasses a set of skilled newage vendors that have translated their acquired expertise into successful technology deliveries. These companies have the capabilities to fulfill the need for cost-effective and flexible solutions and add more value to the Smart City landscape.

Inventum Technologies is featured in CIO Review Magazine in “20 most promising Smart City Solution providers 2018”

Inventum is an end-to-end solutions company with a strong made in India portfolio. Creating ripples in a market dominated by international players, Inventum has developed some of the most cutting-edge communication and networking products right here in India that are now competing in the global marketplace. The company is currently leading the smart city segment with over 12 smart city projects.

Inventum’s product portfolio includes an array of aggregation and edge Routers, Broadband Network Gateways (BNG), Virtual Routers (SDN/NFV), Carrier-Grade NAT (CGN), WLAN and OSS/BSS solutions targeting high performance and scalability that smart cities demand.

Governing bodies, municipalities and network owners are further benefited by Inventum’s operational and billing support systems that help identify users, usage patterns, locations and a plethora of data points. Inventum’s technology can also be leveraged to measure footfalls in public locations such as transport stations which in turn can be used to better plan and equip the infrastructure with such facilities.

Inventum’s lawful monitoring solutions are aimed at the achievement of enhanced security, another key feature of smart cities. With the ability to track, decode and record illegal activities over the Internet, the company’s router and network probe can be useful for police, NIA, etc. On top of that, the long term digital evidence storage capability of these systems can prove to be crucial in the judicial system to ensure the highest level of safety and protection for citizens.

CIOReview is a technology magazine that talks about the enterprise solutions that can redefine the business goals of enterprises tomorrow. It is the leading source that shares innovative enterprise solutions developed by established solutions providers, upcoming hot enterprises and is a neutral source for technology decision makers.

For more details on Inventum’s smart city solutions, click here.

Full details about the 2018 Vendors list can be found at https://smart-city.cioreviewindia.com/vendors/2018/

ISP Routers built for Africa launched at ICT Expo 2019 Kigali

A range of routers suited for the African ISP industry were launched at the recently concluded India-Africa ICT Expo 2019. Indian vendor Inventum showcased both its hardware & virtual router products at the event.

Inventum believes that it’s extensive experience with ISP, WISP, hotspots and Smart Cities in India will translate well for African customers who face similar challenges.

Inventum Booth at India Africa ICR 2019 — ***Inventum at India Africa ICT 2019, Kigali, Rwanda***

“We are a trusted made in India brand with 2 decades of proven experience in developing hardware and software solutions for the ISP & telecom sector which we believe is ideal for Africa…” said Mr. Anil Walia, Chief Sales Officer, Inventum.

Presently Inventum offers a range of high speed routers, BNG, WAG, cyber security and Wi-Fi access point products. The company also provides OSS/BSS, AAA, Postpaid & prepay billing products.