m-Power Brings 2FA to Web Apps

May 6, 2014 Alex Woodie

Web applications built using mrc‘s m-Power development tool can now supplement password protection with two-factor authentication, the company announced from the COMMON conference in Florida.

The Heartbleed vulnerability in the OpenSSL encryption library has shocked the world by compromising many of people’s supposedly secure and encrypted sessions over the past two years. Users who thought their transactions were secure were actually exposed, putting all of their sensitive passwords at risk.

The Heartbleed episode has given new thrust to alternative authentication mechanisms. The folks at mrc have responded by announcing that applications built with its m-Power tool can support two factor authentication (2FA).

The new 2FA feature in m-Power works by using PIN numbers sent via SMS messages. “Any time a login attempt is made from an unrecognized computer,” the company says, “the application can automatically verify the user’s identity via another PIN number delivered to the verified phone. Without the correct pin number, the user cannot access the account.”

The Chicago company also is boosting its password protection by encrypting passwords within m-Power. The company says it supports multiple password encryption methods and also supports the capability to automatically encrypt passwords.

Password encryption is seen as another layer in the security cocoon. If an organization stores user IDs and passwords in plain text, it runs the risk that all of them will become corrupted if somebody gains unauthorized access to that server. However, if the authentication information is encrypted, it’s useless to hackers, unless they also have the encryption key.

“As security threats evolve, Web applications must evolve right along with them,” Tyler Wassell, mrc’s manager of software development, says in a press release. “These new enhancements help m-Power users keep their data and their applications secure in an increasingly insecure world.”

m-Power Takes IBM i Mobile Apps Offline

m-Power Gets Responsive with Screen Design

Cloud Consultant Program Launched by mrc

User Defined Dashboards Now Shipping from mrc

                     Post this story to del.icio.us
               Post this story to Digg
    Post this story to Slashdot

Tags:

CYBER-ATTACKS ON THE RISE. PROTECT WITH THE TRIPLE PLAY.

COVID-19 has not only caused a global pandemic, but has sparked a “cyber pandemic” as well.

“Cybersecurity experts predict that in 2021, there will be a cyber-attack incident every 11 seconds. This is nearly twice what it was in 2019 (every 19 seconds), and four times the rate five years ago (every 40 seconds in 2016). It is expected that cybercrime will cost the global economy $6.1 trillion annually, making it the third-largest economy in the world, right behind those of the United States and China.”¹

Protecting an organization’s data is not a single-faceted approach, and companies need to do everything they can to both proactively prevent an attempted attack and reactively respond to a successful attack.

UCG Technologies’ VAULT400 subscription defends IBM i and Intel systems against cyber-attacks through comprehensive protection with the Triple Play Protection – Cloud Backup, DRaaS, & Enterprise Cybersecurity Training.

Cyber-attacks become more sophisticated every day. The dramatic rise of the remote workforce has accelerated this trend as cyber criminals aggressively target company employees with online social engineering attacks. It is crucial that employees have proper training on what NOT to click on. Cyber threats and social engineering are constantly evolving and UCG’s Enterprise Cybersecurity Training (powered by KnowBe4) is designed to educate employees on the current cutting-edge cyber-attacks and how to reduce and eliminate them.

A company is only as strong as its weakest link and prevention is just part of the story. Organizations need to have a quick response and actionable plan to implement should their data become compromised. This is the role of cloud backup and disaster-recovery-as-a-service (DRaaS).

Data is a company’s most valuable asset. UCG’s VAULT400 Cloud Backup provides 256-bit encrypted backups to two (2) remote locations for safe retrieval should a cyber-attack occur. This is a necessary component of any protection strategy. Whether a single click on a malicious link brings down the Windows environment or an infected SQL server feeds the IBM i, once the data is compromised, there is no going back unless you have your data readily available.

Recovery is not a trivial task, especially when you factor in the time sensitive nature of restoring from an active attack. This leads to the third play of the Triple Play Protection – DRaaS. Companies have myriad concerns once an attack is realized and a managed service disaster recovery allows employees to keep focus on running the business in a crisis state.

The combination of training employees with secure backup and disaster recovery offers companies the best chance at avoiding financial disruption in an age of stronger, more frequent cyber-attacks.

Reach out to UCG Technologies to discuss your company’s security needs and develop a data protection plan that fits you best.

ucgtechnologies.com/triple-play

800.211.8798 | info@ucgtechnologies.com

U.S. Economy Creates A Decent Number Of Jobs In April As The World Turns: Investments In IBM i

Table of Contents

Content archive

Recent Posts

Subscribe

Pages

Search