“The development of ACCESS is a significant achievement for AlertSec and an important solution for cyber security compliance”, said AlertSec CEO Ebba Blitz. “For large organizations, a big problem is how to be certain that data remains protected when shared with third party service providers. A policy or agreement is no guarantee and there is real risk when unknown devices are used to share and process data. AlertSec’s deep understanding of encryption means that we have a unique solution and I am confident that ACCESS will play an important role in making the whole IT security chain a lot stronger.”
To find out more about ACCESS and what it means for your business, read the full interview with Ebba below. Also, there is more information on our updated website.
The new cyber security regulations have created a compliance challenge for SMBs as well as large enterprise. August’s newsletter was about ‘Preparing for GDPR’. November’s newsletter will focus on 23 NYCRR 500 for the US financial market. And there are new documents on the website to explain further. Make sure to check the information even if you think your organization may not be directly affected.
“The new cyber security regulation 23 NYCRR 500 emphasizes that we all need to take data protection a lot more seriously. Let’s not forget, the reason for such a regulation is to protect individuals. They entrust companies with their personal information but there are still reports of social security numbers and insurance details getting stolen. We can’t have a situation where data isn’t protected and that is why AlertSec has invested considerable effort in addressing one of the big chinks in the IT security chain.
“All too many endpoint devices are not secure and the data is totally unprotected. It’s easy to solve with encryption but it is not always easy to enforce on systems you do not own or control. Sharing data with third parties is essential for productivity and customer service but there is no visibility of IT practices or infrastructure. A security policy or agreement is no guarantee. How can you be certain data really is protected wherever it is stored?
"So, at AlertSec, we set ourselves the mission to develop a solution that would check encryption compliance on every device before data is shared or moved, even devices outside your own network that you may not know about.
“ACCESS uses patent pending technology to check encryption compliance before allowing a computer or mobile phone to login. The device doesn’t need to be pre-registered and ACCESS works with all computer and browser platforms, and all full disk encryption types. ACCESS doesn’t impose encryption but does ensure that every device logging onto a network is encrypted.
“ACCESS reinforces our commitment to supporting SMBs. Our encryption services provide the platform for cyber security compliance. The development of ACCESS addresses the other part of the IT security chain, enabling client enterprises to confirm that service providers are in compliance. Together, they protect each other and benefit the consumers who depend on the whole chain to protect their data.”
Wait with upgrading to Redstone 3 or MacOS High Sierra
The AlertSec Support team sent out an advisory about upgrading to Windows 10 Fall Creators Update (aka Redstone 3). We strongly advise NOT to upgrade to this version of Windows at this time as we have found compatibility issues with encrypted machines if automatically upgraded. The same advisory applies to users updating to MacOS High Sierra. We will keep all our customers informed about the availability of a new client version. In the meantime, contact the help desk if you have any concerns.
ACCESS, AlertSec’s Compliance Check Entry Service System, is our new cloud-based service for large enterprises. With only two lines of code it is a fast and secure way to confirm that only encrypted computers and devices are permitted access to a web server.
For customers using AlertSec’s full disk encryption, there’s no need to take any action. You will continue to receive the high levels of support and protection from your AlertSec service. If you’re working with large organizations, you may start to see ACCESS at work confirming that your laptop or phone is encrypted before transferring to the log in site.
ACCESS detects all types of encryption giving you flexibility to choose the appropriate method for other devices such as your smart phone. So the native encryption software on phones and tablets will comply with ACCESS checks.
ACCESS doesn’t impose or install encryption, but it does prevent data mistakenly being stored on an unencrypted device. Where you see ACCESS at work, you can be confident of full compliance with your client’s data protection requirements.