SecSign Technologies’ new SecSign Portal is designed to store and protect sensitive company information.
The portal provides companies with unhackable logins and a private storage vault immune to 99% of all hacking attempts – including phishing, malware, man-in-the-middle attacks, SQL injection, SIM card cloning, phone number porting, and the hacking of the master key from the token provider’s server.
Because most cloud-based file storage services use a two-step verification system based on passwords and one time codes they fail to adequately protect organizations from the sophisticated cybersecurity threats out there today.
The SecSign Portal therefore offers businesses a far more secure solution without compromising usability. The portal controls user access with next-generation, two-factor mobile authentication and public key cryptography, and is not SMS or mobile network based.
When using SecSign, one must authenticate their identities via a mobile device using a fingerprint scan and/or a PIN, to confirm the possession of a physical key in order to enter the system. This two-factor authentication guarantees that credentials, usernames and passwords are never passed or stored from the device to the server and, as a result, no data can be stolen during the login process or transmission to a server.
“The SecSign Portal offers a completely confidential solution to enterprises, providing top-level security for user access and continuously encrypting all stored files, data, and messages,” said Falk Goossens, Chief Executive Officer of SecSign Technologies. “The level of protection offered far surpasses anything previously available – offering complete peace of mind for CTOs, with layers of security that go well beyond that which most other file storage and sharing services currently provide.”
Importantly, this superior approach avoids the entry or transmission of passwords or any other sensitive credentials during the login process, meaning that it is physically impossible for attackers to steal user credentials. No confidential credentials are ever entered, transmitted, or stored for the purposes of logins. Instead, SecSign ID uses mobile push authentication and public key infrastructure (PKI), which relies on the same fundamental security principles and the same combination of knowledge and possession that is used in smart card security.
In addition, all data in the portal is protected by AES-256 level encryption, and maintains encryption at all times, including during messaging, download, transfer, and sharing. Access is only given to authorized users. On top of this, access keys are safeguarded by a mechanism that can only be accessed with the simultaneous approval of three authorized administrators.
The on-premise solution enables any enterprise to license the technology in order to house “White Label” to the SecSign Portal, as well as the SecSign ID on its own systems architecture and behind its own firewalls, without having to worry about the security of external, overseas storage solutions, to achieve maximum level of regulation and risk compliance (HIPAA, PCI, HSPD, ISO)