Skip to content

Password Reset As An Essential Process for Privileged Access Management

With the emergence of cloud-based technologies, there is a growing demand and the consequent increase in services offered in this format. In this scenario, in which there were only two or three credentials to perform online tasks, today, the user is forced to deal with so many that they can barely remember them. 

In addition to having to remember complex passwords, users also need to keep in mind that many systems have a reduced number of access attempts. Thus, if one enters the wrong password, they will eventually have little chance of entering the right one before the access is blocked. So, the best thing to do is to use words that are easily typed and memorized.

Recent research by the UK’s National Cyber Security Centre (NCSC) reported that for the fifth consecutive year, “123456” is the most commonly used number sequence by users for passwords. The word “password” is another recurring top choice in this list of commonly used passwords, also because it is easier to memorize and type, even if it does not guarantee security.

The question is: Considering these passwords as insecure and easy to guess, why do people continue to use them? 

Users are expected to memorize their passwords and enter them correctly on the first try. However, the complexity required in password policies used by services and companies makes creating a strong and usable password difficult for both ordinary and advanced users.

We invite you to keep reading today’s article and discover how the password reset process is essential for Privileged Access Management and consequently for a better cybersecurity posture.

The Problem of Managing and Maintaining Strong Passwords

The combination of user and password has been used as a basic defense mechanism for computer systems since the beginning of their implementation, preventing unauthorized access to data stored on systems and devices. Despite the creation of authentication mechanisms without a password, such as biometrics or one-time passwords (OTP), the combination of user and password is still widely used to access systems and devices. 

This is because such a combination is easy and inexpensive to implement. In a digital transformation scenario, the multiplication of systems, devices, and their respective credentials is a perfect scenario for malicious attackers to collect passwords and, thus, access data improperly. 

After all, remembering a password is much easier than the dozens (or even hundreds) of services that require some kind of authentication. It is estimated that the number of passwords per user is between 70 and 100. 

Email accounts (personal and professional), banking services, corporate systems, devices, and applications are some examples that require authentication through passwords. And with the increase in the number of data leaks, it is easy to find compromised credentials on forums on the dark web being sold for pennies. 

And yes, we know that it is not easy to manage so many passwords. Even the most tech-savvy can struggle to manage and protect credentials in so many different environments. 

In times of personal data protection legislation, such as LGPD and GDPR, ensuring the protection of such data has become more than a security requirement – it is a business must. 

Despite all the risks associated with their use, many users and companies use passwords that are easy to guess, such as numbers or sequential letters (123456 or abcdef). SolarWinds itself, the victim of a serious attack on its supply chain, was using the password solarwinds123 in its infrastructure.

The Main Attacks Involving Access Passwords

It is essential to understand the types of attacks that passwords can suffer in order to be able to create a robust password policy. Some of these attacks and vulnerabilities involve: 

  • Dictionary Attacks. A list (dictionary) made up of words and combinations is used to compare captured hashes with the list items and thus try to find the password. It is still possible to use the list to access accounts through brute force attacks. 
  • Credential Stuffing: Leaked credentials used when attempting to access other accounts, succeeding when the user reuses the same credentials (username and password) on more than one account. 
  • Replacement: Authentication by the attacker is successfully performed by replacing a password or username already known by the attacker through some leak. 
  • Password Recovery: When the password recovery process has flaws, the attacker can impersonate the victim and gain access to the password or even change the current password to one of their own. This can happen, for example, when the user uses the easily guessable question-and-answer feature in the password recovery process. 
  • Social Engineering: The use of social techniques to mislead the user and illegally obtain access to credentials or use the same techniques to install password-stealing software.
  • Keylogging: A malware that, when installed on the system, can copy all information that is being entered by the user, including their passwords. 
  • Bad Hashes: Attacks that can be used to recover passwords, especially if the hashing algorithm has known flaws, such as MD5.

The password policies can be combined with software and tools to further protect systems and devices. Some of these tools include Password Managers; or for organizations that want to protect their assets, Privileged Access Management (PAM) solutions. 

Password Managers and PAM Solutions

Password managers and PAM solutions are tools and software that can generate secure passwords and automatically authenticate the system, eliminating the users’ task of remembering and entering passwords for different accounts.

It is worth remembering, however, the importance of protecting and never losing access to these tools: once the access credential is compromised, all accounts connected to the user may be lost. And it is also worth keeping these passwords up to date because if a vulnerability is exploited, all stored passwords will be exposed. 

If there is a suspicion that the password policy or passwords themselves are compromised, the recommendation is for the company to move quickly to mitigate the problem causing the compromise and require all users to change the password.

Finally, there must be a consensus to protect users from creating bad passwords and generating difficult password creation patterns. Raise awareness and allow people to recognize that their passwords are insecure so that they can choose strong and secure passwords for both work and personal access.

The senhasegura Solution

 Passwords are one of the oldest security mechanisms in the computing world and are also one of the main attack vectors by cybercriminals. In this way, we can avoid cyberattacks that can cause considerable damage not only to people but also to companies.

A more secure approach to the use of passwords is one where they can only be used once. Single-use passwords protect users from theft of credentials. Unlike static ones, which are not changed, using passwords only once makes systems resilient to attacks.

Once inserted in senhasegura, the passwords are managed by the solution. This means that, at any time, the solution can make a change in the password. These changes can occur in the following ways:

  • Determined by the company’s password policies (automatic). Based on the company’s password policies, registered in the system, the solution automatically and periodically changes the keys, facilitating the work of its information security team.
  • Determined by password exposure (automatic). When a user is allowed to see a password held by the solution, they can use it for a specified period in the system. When this time is over, the system will immediately change the password, so that the credential custody returns to storage.
  • Requested by an admin user. A user with administrator rights in the system may at any time schedule a password change for some or all devices registered in the solution.

Request a demo now and discover the benefits of senhasegura for your business.

About Version 2
Version 2 is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Senhasegura
Senhasegura strive to ensure the sovereignty of companies over actions and privileged information. To this end, we work against data theft through traceability of administrator actions on networks, servers, databases and a multitude of devices. In addition, we pursue compliance with auditing requirements and the most demanding standards, including PCI DSS, Sarbanes-Oxley, ISO 27001 and HIPAA.

What are ransomware attacks, and why are they on the rise?

The number of cyberattacks increases every day. Most notably, ransomware attacks are continuously on the rise: not a day goes by or a new ransomware attack and data breach are mentioned in the press. But what is ransomware exactly, and which types are there? How do these ransomware attacks happen, and what can you do to prevent them? In this blog post, we’ll formulate an answer to all of these questions.

A ransomware payment request – that’s one message you don’t want to see.

What are ransomware attacks?

Ransomware is a type of malicious software (malware), that is used by cybercriminals to encrypt a (portion of a) device’s data, rendering it no longer accessible. To regain access, criminals will demand a big ransom payment before they will give the decryption key or deactivate the lock screen. But, of course, it’s better to mitigate your chances of getting attacked to begin with – rather than paying the ransom. To put more pressure on the victims regarding the ransom demand, the hackers can use specific ransomware software to not only encrypt files but also search for sensitive data and send this information back to the hacker. During this type of malware attack, ransomware groups often spend much time unnoticed in the operating system, while searching for the most valuable data to exploit. If organizations then do not want to pay the ransom, the malware attacker often threatens to publish the stolen data online, which has disastrous consequences.

Who are ransomware attack targets?

In general, anyone can become the target of ransomware attacks. However, looking at the most recent data breaches in 2022 alone, it’s clear that hackers will focus on organizations that work with a lot of personal files and sensitive data, big user groups, and possibly smaller IT teams (such as in education or healthcare). Furthermore, they also tend to target industrial players as disruptions in their IT processes pose prominent problems for the company’s supply chain.

Which types of ransomware attacks are there?

A wide range of ransomware variants are being used, but let’s take a look at the most common ones:

  • Crypto ransomware or ‘encryptors’: This type of malware is perhaps the most famous one. A cybercriminal will encrypt files and to keep the decryption key, for which you will have to pay ransom. Notable examples are CryptoLocker, GoldenEye, WannaCry, …
  • Locker ransomware: This ransomware variant will block your basic computer functions. You won’t have access to your device and you’ll only see one lock screen or popup with the message that your files and applications are inaccessible and that you need to pay a certain amount of money before gaining access again.
  • Scareware: A type of malware designed to scare or manipulate people into visiting website pages or downloading malware-infested software. This is done by using social engineering tactics and popup ads. The goal is to make users believe they need to buy or download software (which is actually malicious). Some examples of scareware are: PC Protector, SpySheriff, Antivirus360, …
  • Doxware: With this term, we refer specifically to ransomware that is used to get personal data. They compromise the privacy of the employees by getting access to photos and sensitive files, after which they will threaten to release the data. Often attackers will deliberately target specific victims for this type of attack.
  • Ransomware as a service (RaaS): This is a business model for cybercriminals. Anyone, even without knowing how to code, can buy tools on the black market and use them for carrying out ransomware attacks. The tools are hosted and maintained by hacker collectives. Well-know RaaS providers are REvil, DarkSide, Maze, …
Ransomware’s goal is to lock up your data, and get you to pay for the key.

How do ransomware attacks happen?

Ransomware operators try to gain access to the company’s network or system via different techniques. Very often, they will try to do this via individuals in the organization, but they can also attempt to infect systems directly. The following list highlights some of the most common ways ransomware attacks happen.

  • Phishing: Criminals send employees of your organization an email that contains a malicious link or malicious attachments. It could be that the link goes to a website hosting a hostile file or code, or that the attachment has a download functionality built in. If one of the people at the company clicks on or opens the content of the phishing emails, malicious software could be installed and the ransomware infects the systems.
  • Insufficiently protected network: If you’re acting proactively in securing your network, cybercriminals can attempt to exploit multiple vulnerabilities and attack vectors to get in and let their malicious software do its thing.
  • Open RDP: Using RDP without any security measurements is something cybercriminals like to see, as they can exploit its weaknesses. That way they get access to the company’s system. Researchers found 25 vulnerabilities (!) in some of the most popular RDP clients (FreeRDP, Microsoft’s built-in RDP client, …) used by businesses in 2020.
  • Insecure VPN connections: VPN tunnels directly from your employees’ devices to your network. Together with RDP, the UK National Cyber Security Centre identified VPN as one of the largest risk factors for a ransomware attack, because malicious software from the client device can enter your corporate network remotely.

Examples of major ransomware attacks in 2022

Every day, another major organization is the victim of a ransomware attack. Some recent victims were:

  • Government systems in Costa Rica (May 2022): Cyberattack targeting systems from tax collection to importation and exportation processes through the customs agency. Furthermore, they also got access to the social security agency’s human resources system and the Labor Ministry. The Conti cartel has been demanding a lot of money for the attack. In the meantime, they have been starting to publish stolen information as they were tired of waiting for the ransom.
  • Florida International University (April 2022): Data breach that impacted the sensitive information of students and faculty. BlackCat was behind the attack.
  • The Scottish Association for Mental Health (March 2022): The health organization was targeted by a ransomware gang that impacted the IT systems. More than 12GB of personal and sensitive data was leaked online. Behind the attack was RansomEXX ransomware gang.
  • KP Snacks (February 2022): The hackers of the Conti gang were able to steal many sensitive documents like samples of credit card statements, spreadsheets including employee personal data, and confidential agreements, … They published even more of these data online after not receiving the ransom in time.
  • Moncler (January 2022): At the beginning of the year, the luxury Italian fashion giant became the victim of a data breach following an attack by ransomware gang BlackCat. Afterward, the company explained that various data had been impacted. The data was not only related to customers, but also to current and previous employees, as well as to suppliers, and business partners.

These are only a handful of thousands of (publicly known) examples. Ransomware attacks are not limited to certain verticals or countries. Without the right security measures in place, everyone can become a ransomware victim.

The notorious hacker collective Conti Group is behind many of the past year’s ransomware attacks.

Why are ransomware attacks rising?

Shift to hybrid and remote working

Ransomware attacks are on the rise as ransomware groups are continuing to adapt their techniques in this changing digital world. With the acceleration of remote working and shift to hybrid working, malicious actors are not only focusing on organizations in general but are also targeting individuals to gain access to the operating systems, files, and applications of companies.

More and more people are working outside the office networks. A lot of companies have set up a remote working solution in a quick way as they were surprised by the worldwide pandemic. However, in multiple cases businesses chose insecure solutions to do this (e.g. via opening RDP endpoints or facilitating ‘naked’ VPNs). The result was that they created gaps in their cybersecurity defense, which makes them an easy target for malware.

Financial benefits for ransomware group

Another reason for the rise is that more criminal groups see the benefit of ransomware attacks as companies tend to (in most times) pay the ransom. It can be a quick money win for them. Stealing and threatening to leak the data has been working well for these ransomware gangs, so we see a clear shift from denial of data to data extraction. Let’s take a look at how you can prevent making them rich.

Best practices to prevent ransomware attacks and spreading

Nobody wants to pay the ransom or wants to have encrypted files and encrypted data, right? So how can organizations prevent such ransomware attacks? How can you defend yourself? We’ve listed some best practices of ransomware protection for you:

  • Inform and train your employees:
    • IT admins shouldn’t click on unknown links or open malicious mail attachments, and should always use strong passwords with MFA enabled.
    • Facilitate security awareness training for your employees. The above is more difficult to enforce on your employees, so it is fundamental that you make them aware and train them in cybersecurity hygiene.
    • Phishing emails and social engineering attacks are still very popular techniques with cybercriminals to target individuals to make them the gateway into the organization’s computer system. Make sure your employees are aware of these practices so that they can recognize and counter them when they face an attempt.
  • Data backup:
    • Backup files and applications regularly.
    • Make sure to secure your offline data backups as well, and check that they are not connected permanently to the computers and networks that they are backing up.
  • Network segmentation:
    • If you have an infected system, make sure that malware cannot spread to another computer system by segmenting production and general-purpose networks.
    • That way, if somebody is using an infected computer and infects one of the smaller networks, you can try to isolate the ransomware before it spreads further.
    • This also gives the IT team more time to remove ransomware without it spreading throughout the entire organisation.
  • Review port settings:
    • Open RDP ports are one of the most common ways ransomware attacks are initiated. Using ‘naked’ RDP port 3389 to give employees remote access is opening the door for hackers and saying: “Welcome, this way please!”
    • Another port that is often targeted is Server Message Blocked port 445.
  • Limit user access privileges:
    • To block ransomware from entering, define the permissions of users thoroughly.
    • Set limitations to which applications, desktops, and files they have access.
    • Add security layers in line with the Zero Trust model as you can not trust anyone, even if it’s an authorized employee. Make sure you have control over what each user or user group can access or do.

What to do if you’re a victim of a ransomware attack

What can you do if you are the victim of a ransomware attack? Let’s check out the most common ways to recover from a ransomware infection.

  • Do not make a ransom payment: Firstly, stay calm and don’t rush into paying the ransom. It will only encourage criminals to keep on doing this. (And how can you be sure that the ransomware attackers will give your data back after you paid?)
  • Identify the source of the ransomware: Try to find out what the point of entry of the ransomware was. Talk with your users to find out who experienced the first signs of the attack.
  • Isolate the infected machines: You don’t always know how fast the ransomware could be spreading, but disconnect all devices from the network as soon as possible. This may help reduce the impact of a company-wide ransomware infection.
  • Report the attack to the authorities: This is a crime, and you should report it to the police. They could also be able to help you as they have access to more powerful resources for this type of crime.
  • Restore your data: If you have been taking regular backups of your data, you can use those off-site or cloud backup files to restore your data. This is why you should have a backup data strategy so you can move forward quickly without losing too much time. However, be careful as some ransomware may have been for months in your systems and therefore in your backups as well. You should always run an anti-malware solution on your backups first to check.

How can Awingu help with ransomware prevention?

Awingu on devices

Awingu is a unified workspace that makes it possible for a company to enable secure remote access to file servers, applications, and desktops for its employees. Our customer use it as an extra protection layer to secure ‘naked’ RDP, as well as to provide a secure alternative to VPNs. Users can access the workspace via the browser and nothing needs to be installed on the device. So even if they are using an infected device, there is no direct connection to the company’s network, so you don’t have to fear a ransomware infection. Awingu comes with various built-in security capabilities that will help you secure the access:

  • Browser-based workspace
  • Built-in MFA
  • Anomaly detection and monitoring in the dashboard
  • SSL encryption
  • No local data on the end-user device
  • Granular usage control
  • Context-awareness

If you want to learn more about how Awingu can help you protect your organization against ransomware attacks, click here!

About Version 2
Version 2 is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Awingu
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple.



【2022年6月2日,台北訊】AI 人臉辨識領導廠商訊連科技(5203.TW)宣布旗下FaceMe®人臉辨識引擎獲美好金融app採用,以人臉辨識技術改善開戶之eKYC(數位化身分驗證)流程,打造更安全便利的金融服務。美好金融新用戶不必親自臨櫃,以手機鏡頭就能辨識身分、簽署文件並於遠端完成開戶,AI自動辨識也大幅減輕業者人力核對身分之負擔。




「台灣金融市場裡面,訊連提供了一套非常適合台灣金融業者的 eKYC 解決方案,有能合法合規的配套,並與國際金融科技市場接軌的辨識率與使用者體驗,」美好金融產品經理Daniel表示,「美好金融在一輪的廠商篩選後,選擇與訊連合作,目前的這個產品決定也讓許多線上開戶的客戶有更美好的體驗,與美好內部的作業效率提升,非常感謝訊連在這合作的配合與努力。」借助FaceMe執行eKYC的服務,在上線的數個月內,已協助近300位美好金融客戶完成線上開戶,而這段期間客戶也享受千萬左右的月配息收益。

「無論銀行、保險、證券業者,在發展金融科技 (fintech) 時的共同課題之一都是eKYC,而AI人臉辨識就是最理想且無接觸的解決方案。」訊連科技董事長暨執行長黃肇雄表示,「很榮幸FaceMe人臉辨識技術能獲得美好金融app採用。FaceMe世界頂尖的精準辨識率,不僅能保證eKYC流程中的安全性,更能為民眾打造便利、不中斷的普惠金融服務。


關於Version 2
Version 2 是亞洲最有活力的IT公司之一,公司發展及代理各種不同的互聯網、資訊科技、多媒體產品,其中包括通訊系統、安全、網絡、多媒體及消費市場產品。透過公司龐大的網絡、銷售點、分銷商及合作夥伴,Version 2 提供廣被市場讚賞的產品及服務。Version 2 的銷售網絡包括中國大陸、香港、澳門、臺灣、新加坡等地區,客戶來自各行各業,包括全球1000大跨國企業、上市公司、公用機構、政府部門、無數成功的中小企及來自亞洲各城市的消費市場客戶。


OSINT – Pt.2 – Intelligence Cycle and OSINT Framework


Now that we’ve covered some basics of what OSINT is, why we use it, and how it might benefit us, let us look at the core of what makes up our collective intelligence effort. Do note that even though we should be familiar with this, every analyst should develop their own techniques, methods, and even tools, depending on the case they’re investigating. Think of what we’re describing below as a loose guideline that can be used in your investigations.

Also, please note that the Intelligence Cycle, as described below, is of a broader scope, and doesn’t necessarily pertain to OSINT investigations exclusively. However, from our perspective it is vital to be at least familiar with it, which is why we chose to dedicate that much space to it.

Intelligence Cycle

The Intelligence Cycle is the process of compiling raw data into intelligence that can be used to make decisions, be it for LE use, or for business driven purposes. In its nature, the Intelligence Cycle is cyclical (hence Intelligence Cycle) – meaning that what we’ve discovered previously can influence the following routes of our investigation. The goal here is to remain open to new information, and understand that it can impact the current state of affairs in our investigation.

The Intelligence Cycle consists of five parts: 

  1. Planning and Direction
  2. Collection
  3. Processing
  4. Analysis and Production
  5. Dissemination

Planning and Direction

This part involves the management of the whole investigation, from identification of our intelligence needs, to delivering of the said intel. It is both the beginning and the end of the cycle, because it involves defining our needs (planning), the end, because once finished our new intel can produce new informational needs. This is due to the fact that our intel needs to work hand-in-hand with our decision making, which might change once we reach the end – thus leaving us at the beginning of the cycle once more.


To collect intel effectively, we need to have a good plan that we’ll stick to, as well as some sort of direction. Since in this phase we’re collecting raw data, open sources can be a treasure trove for us here; also, in the context of a pure OSINT investigation, here we would implore the analyst to pay most of their attention, and deploy their critical thinking ability as much as possible. Data can be extremely volatile, and we need to understand not only the data points itself, rather we should visualize the broader picture. (Once more, the Intelligence Cycle is a bit more broader, and goes beyond only open source data)


In this step, we convert the raw data that we’ve gathered into a format an analyst can work with. This entails managing our information, through whatever techniques we may deem necessary for our particular investigation. We reduce the data, arrange, and process it in such a way that it can be of use to the one who would be consuming it.

It follows that this step will differ greatly if we are, for example, processing our data for a LEA, or if its an investigation where we would be the consumer of the said information – if we are maybe gathering intel for a penetration test; at least before compiling the report for our client.

Analysis and Production

Analysis and production pertains to us converting all of the information that we’ve processed, into a finished product. This intel is evaluated, integrated, and further analyzed. The data is integrated into one coherent whole, what was evaluated is put in context, and then produced into a finished piece of intelligence – which includes assessments, and implications of the intel, in that particular context.


In this final phase, we distribute our intel to the consumer, the same ones who initiated the process with their intelligence needs and requirements. Then, based on the information, the consumer would make their decisions, which may trigger the Intelligence Cycle again.

Thoughts, conclusions

It is apparent that this type of approach is generally more geared toward LEA’s, or some businesses, but, as an aspiring OSINT analyst, we should be aware of how these things are usually done. There’s a lot of things for us to unpack here, and even though we might not use or need to follow the exact same steps, we will, however, still act somewhat in convergence with the model above.

The main takeaway, for us, is the fact that this kind of approach has a great impact on how we can further use our own critical thinking and deductive skills, since critical thinking is the most important skill an OSINT analyst needs to possess – in our opinion. That is, the ability to think rationally about the topic, in an organized way, so that we can best understand the connection of the facts that are presented to us.

For example, we should always look to define our problems and/or questions as precisely as we can. We also need to find different sources – in order to understand different points of view. Further, we should evaluate the reliability of said sources, understand if they’re biased, and if that’s the case, then we would be interested in how’s and why’s.

Once we’ve weeded out some of those crucial questions, and further crystallized our picture, we would try and understand what’s most important of the facts that we’ve gathered. Finally, once we do all of that successfully, we need to know how to present this coherently, to whomever might be the party to which our investigation refers to.

With all this in mind, of course every analyst’s process will differ, but the way in which we go on about our investigation, should be grounded around some of the same core principles. Remember, your greatest and most important tool is your ability to rationalize, analyze, connect the dots, and make good deductions based on all of that – your critical thinking ability.

OSINT Framework

Before concluding our article, we would like to mention one more thing – the OSINT Framework.

This is a web-based platform, which bundles a lot of different OSINT tools – on many different themes, such as: IP address, Images, Social Networks, People Search Engines, Public Records, Metadata, Dark Web, and many more.

Most of them are free to use, but there’s a number of tools that are subscription-based. Nevertheless, this can be a great starting point for your investigation, and is something every OSINT analyst should be well aware of, in our opinion.

OSINT Framework Homepage


To conclude, we’d just like to mention that the idea behind ‘teasing’ with the OSINT Framework in this article is due to the fact that our next article will focus on some of the tools one might use in their investigation, so we felt it was a good inclusion and a natural transition; at least now that we’ve laid some groundwork, and explained, albeit briefly, some of the core intelligence gathering ideas.

As we will see, there’s a myriad of tools out there, and everybody has their own preferences, but the ideas behind them are generally nested around their theme/functionality.

Lastly, here’s another teaser for you, before we go delving into the tools in our next article!

About Version 2
Version 2 is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Topia
TOPIA is a consolidated vulnerability management platform that protects assets in real time. Its rich, integrated features efficiently pinpoint and remediate the largest risks to your cyber infrastructure. Resolve the most pressing threats with efficient automation features and precise contextual analysis.

Safetica ONE 10.2 Released: Improved OCR, UX, Updates for Large Environments

OCR language support

  • Secondary language support relevant to countries with special characters and non-Latin character sets (e.g. Chinese customers should set primary language to Chinese AND secondary language to English).

  • New OCR languages added: Lithuanian and Ukrainian.

Improved user experience for forced reboots

  • New endpoint notification informs users about the need for forced reboot.

  • Pre-reboot time limit increased to 5 minutes.

Optimized endpoint updates for large environments 

  • When updating, endpoints are now assigned an order number and will update when it’s their turn to load-balance update requests (already available for the 10.2 update).

  • New technology used for component downloading to ensure that connection is established properly.

Device Control no longer negatively affects peripherals

  • Device Control now ignores non-mass storage devices.

  • Bluetooth setting in Device Control can be configured separately for devices that support file transfer.

Network integration limited to critical apps

  • Simplified network integration which merges network integration and SSL inspection. This limits where our network layer is integrated and lowers the chance of technical issues.

  • Integration is from now on set to the “Compatibility” mode by default. Other modes were removed.

Configuration of multiple SharePoint instances 

  • Added support for different configurations for individual SharePoint instances.

Other changes

  • Only 64-bit operating systems are supported for Safetica Management Service, Safetica Management Console, and WebSafetica.

  • DLP policy names are included in email and SIEM alerts to help with filtering syslogs.

  • Improved memory consumption of WebSafetica reports.

  • Bug fixes for Shadow Copy.

  • Bug fixes for integration with the latest version of FortiGate.

You can find more details about new features in Safetica ONE > Dashboard or our Knowledge Base.   

About Version 2
Version 2 is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Safetica
Safetica is to provide small and mid-sized companies with the same quality data protection that corporations have – affordably, and without any additional IT administration or disruptions in operation.



Click one of our contacts below to chat on WhatsApp