AuthShield - information security solution provider for banking sector in India

INFORMATION SECURITY “The threats from within are increasing on a daily basis. 78% of all information security breaches happen internally”

Upload: authshield-lab

Post on 24-Sep-2015


DESCRIPTION

AuthShield is a pioneer in providing information security solutions to businesses of different genres. Innovative features and convenience of services are two important aspects of this company.

TRANSCRIPT

  • INFORMATION SECURITY

    The threats from within are increasing on a daily basis. 78% of all information security breaches happen internally

    Private and Confidential - INNEFU LABS

  • WELCOME TO GREATER MUMBAI BANK

  • PRESENTATION FORMAT

    Current Architecture

    Secure Architecture - INNEFU's AuthShield


  • CURRENT ASSETS

    E-mail servers

    Database servers

    Core Banking Application / Application Servers

    Intranet Applications

    Web Applications

  • CURRENT ARCHITECTURE

    Disparate Architecture

    Servers on Public IPs

    No single Sign on

    No DMZ

    No Multifactor Authentication

  • INFORMATION SECURITY - CURRENT

    Anti Virus

    Firewall

    Unified Threat Management

    People and Processes

    Security Policy

    Processes to connect to the Internet

    No authorization for Pen drives, CDs, Laptops etc

  • INFORMATION SECURITY

    Single Sign on, authentication and Authorization - Open LDAP / AD integrated with RADIUS

    Virtual Private Network for critical Third party Applications

    Multifactor Authentication for

    Net Banking

    Core Banking Applications

    Third Party Applications

    Technical Audit - Vulnerability Assessment and Penetration testing

  • SINGLE SIGN ON

  • ADVANTAGES

    User only has to remember a single password instead of multiple complex passwords

    Reduces time spent re-entering passwords for the same identity

    Increases security - Users select stronger passwords, since the need for multiple passwords and change synchronization is avoided

    Security on all levels of entry/exit/access to systems without the inconvenience of re-prompting users

  • RADIUS SERVER

  • ADVANTAGES

    Client Server Architecture

    Once the user is authenticated, the client provides the user with access to appropriate network services

    The Authentication Request is sent over the network from the RADIUS client to the RADIUS server

    If the user name and password are correct, the server sends an Authentication Acknowledgment that includes information on the user's network system and service requirements.

  • VPN FOR THIRD PARTY APPLICATIONS

  • CONTD.

  • ADVANTAGES

    Extended connections across multiple geographic locations without using a leased line

    Improved security for exchanging data

    Flexibility for remote offices and employees to use the business intranet over an existing Internet connection as if they're directly connected to the network

    Savings in time and expense for employees to commute if they work from home

    Improved productivity for remote employees

  • MULTIFACTOR AUTHENTICATION

    Point of Attack

  • IDENTITY THEFT

    Fastest growing white collar crime

    11 Million Americans affected in 2010-2011

    900,000 new victims each year

    Cost to businesses more than $50 billion

    Cost per incident to company $6,383

    Hours spent per victim resolving the problem as shown by identity theft statistics: 30

    Irreparable loss to Company's Brand/Image

    Loss of Clientele


  • POINT OF ATTACK

    Customers

    Vendors

    Development Team

    Power Users/Key Users/Super Users

    Agents

    End Users

    Employees

  • METHODS OF ATTACK

    Phishing

    Virus, Trojans, worms inside the company's architecture or personal computer of users

    LAN Attacks Remote Sniffing

    Web Vulnerabilities including SQL Injection, XSS attacks and Cookie capturing

  • ASSETS

    Web Application

    Application Servers

    VPN/SSL

    Intranet Applications

    Database Servers

    Local LAN / WiFi

  • MFID MULTIFACTOR AUTHENTICATION

    Map the physical identity of the user to the server

    Identify the user based on

    Something he knows (user name / password)

    Something in the user's possessions

  • INNEFU'S AUTHSHIELD

    Multi factor authentication system which uses either of the three authentication mechanisms

    Soft Token

    Hard token

    Mobile Token

    E-Token

  • HARD TOKEN IDENTIFYING THE USER ON THE BASIS OF HIS KEY

  • PROTECT VPN AND CUSTOM MADE APPLICATIONS

    Security device given to authorized users

    The device displays a changing number that is typed in as a password

    The password is based on a pre defined unbreakable randomized algorithm

    Every time the user accesses a critical IT asset, the randomly generated number is matched with the server to verify user's credentials

  • SOFT TOKEN IDENTIFYING THE USER ON THE BASIS OF HIS PHONE NUMBER

  • MOBILE TOKEN GENERATING TOKEN VIA MOBILE PHONES

    Innefu BlackBerry AuthShield for Web Clients

    1). User accesses the token generation application on his BB device

    2). Request Sent to BES

    3). Request Forwarded to IAS

    4). Token Generated

    5). Credentials Entered

    6). Access

    Diagram labels: BES, IAS, Web Client UN+PWD+TOKEN, IAS & AD

  • PROTECT INTERNET BANKING

    The OTP is sent either via SMS or the OTP is generated by the smart phone itself

    The user uses the OTP to log into any web application or intranet application

    Works on all smart phones with GPRS enabled

    The system does not depend on the memory or the processor usage of the phones

  • FEATURES

    OS Independent Authentication Mechanism

    Seamless Integration with the current business and security architecture

    Works as a stand alone authentication mechanism or in connection with -

    Microsoft AD

    Firewall

    VPN

    Wi-Fi

    Terminal services etc

  • CONTD.

    Increases the log on security for critical applications

    Unbreakable encryption on the lines of those used by US Government

    Prevent identity theft by up to 99%

  • CONTD.

    All logs are stored in a secured database (completely encrypted) for future analysis

    Date and Time

    User

    Time Gap

    Access to logs only available to Admin team

    Privileges assigned to every user

    IP Address of the user

  • TECHNICAL AUDIT

    Vulnerability Assessment and Penetration testing

    Internal Audit - Test all the IT assets of the organization with login privileges

    External Audit - Test all the IT assets of the organization without login privileges

    Identify all vulnerabilities

    Penetration tests to remove false positives

  • THANK YOU

    QUESTIONS WELCOME

    AUTH-SHIELD LABS PVT. LTD

    http://auth-shield.com/

    +91-11-47065864 / [email protected]