Skip to content

Portnox Named Winner of the Coveted Global InfoSec Awards during RSA Conference 2021

Portnox Wins Award for “Cutting Edge NAC” in 9th Annual Global InfoSec Awards at RSAC 2021

NEW YORK–Portnox is proud to announce it has won the award for “Cutting Edge Network Access Control (NAC)” from Cyber Defense Magazine, the world’s leading information security e-magazine. “We’re thrilled to receive one of the most prestigious and coveted cybersecurity awards in the world from Cyber Defense Magazine. We knew the competition would be tough – after all, the judges are leading infosec experts from around the globe. We couldn’t be more pleased,” said Ofer Amitai, CEO at Portnox.

Portnox’s cloud-delivered NAC-as-a-Service – Portnox CLEAR – has taken the network access control (NAC) market by storm in recent years, seeing a surge of new customers seeking to move off of their legacy on-premise NAC solutions. In 2020, Portnox saw its revenue grow 30% year-over-year.

“As the only true SaaS NAC product on the market, Portnox CLEAR is making NAC implementation and deployment easier for enterprises – particularly those with highly distributed networks,” said Tomer Shemer-Buchbut, Vice President of Products at Portnox. “By eliminating on-going maintenance like upgrades and patches common of on-premise NAC, we’re offering companies far better total cost of ownership.”

“Portnox embodies three major features we judges look for to become winners: understanding tomorrow’s threats, today, providing a cost-effective solution and innovating in unexpected ways that can help stop the next breach,” said Gary S. Miliefsky, Publisher of Cyber Defense Magazine.

With 80 billion connected devices expected to be in use by 2025, the NAC market is growing rapidly – projected to reach nearly $12 billion globally. Device proliferation paired with an ever-expanding number of cyber threats and hybrid workforce operations has made network access control a critical component of any enterprise cybersecurity stack. “NAC is front and center for CISOs and their IT security teams. Expect the demand for network access control – particularly cloud NAC – to continue to grow as companies continue to embrace emerging networking models like SD-WAN, ZTNA and SASE,” said Amitai.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。

About CDM InfoSec Awards
This is Cyber Defense Magazine’s ninth year of honoring global InfoSec innovators. Our submission requirements are for any startup, early stage, later stage or public companies in the INFORMATION SECURITY (INFOSEC) space who believe they have a unique and compelling value proposition for their product or service. Learn more at http://www.cyberdefenseawards.com

About the Judging
The judges are CISSP, FMDHS, CEH, certified security professionals who voted based on their independent review of the company submitted materials on the website of each submission including but not limited to data sheets, white papers, product literature and other market variables. CDM has a flexible philosophy to find more innovative players with new and unique technologies, than the one with the most customers or money in the bank. CDM is always asking “What’s Next?” so we are looking for Next Generation InfoSec Solutions.

About Cyber Defense Magazine
With over 5 Million monthly readers and growing, and thousands of pages of searchable online infosec content, Cyber Defense Magazine is the premier source of IT Security information for B2B and B2G with our sister magazine Cyber Security Magazine for B2C. We are managed and published by and for ethical, honest, passionate information security professionals. Our mission is to share cutting-edge knowledge, real-world stories and awards on the best ideas, products and services in the information technology industry. We deliver electronic magazines every month online for free, and special editions exclusively for the RSA Conferences. CDM is a proud member of the Cyber Defense Media Group. Learn more about us at https://www.cyberdefensemagazine.com and visit https://www.cyberdefensetv.com and https://www.cyberdefenseradio.com to see and hear some of the most informative interviews of many of these winning company executives. Join a webinar at https://www.cyberdefensewebinars.com and realize that infosec knowledge is power.

Monitoring security architecture

Introduction

Do an exercise, ask five IT technicians -of any profile- what SNMP means.. If you’re close with them the better, so that the first thing they do is not go to Wikipedia to boast. Hopefully, they might tell you what they said to me when I was working in networks.

“Security is Not My Problem”

Taking into account that the SNMP protocol is one of the monitoring bases, and a system that has been in use for more than thirty years, this answer, “Security is Not My Problem”, sums up the current monitoring situation quite well: ignorance, laziness and lack of interest in monitoring security.

By the way, we talked about SNMP in another article on our blog and I will give you a teaser in advance, it means Simple Network Management Protocol and it comes from 1987.

Considering that monitoring is “key to the kingdom”, since it allows access to all systems and even access many times with administration credentials, shouldn’t we take security a little more seriously when we talk about it?

Recent vulnerabilities in well-known monitoring systems such as Solarwinds or Centreon make the need to take security seriously in the implementation of monitoring systems increasingly urgent, since these have a very strong integration with systems.

In many cases, security problems are not so much about one piece of software being much safer than another, but about poor configuration and/or architecture. It must be taken into account that a monitoring system is complex, extensive, and in general, it is highly adapted to each organization. Today it was Solarwinds, tomorrow it could be Pandora FMS or Nagios.

No application is 100% secure, nor is any corporate network secured against intrusion, whatever the type. This is an increasingly evident fact and the only thing that can be done about it is to know the risks and assume which ones you can take, which ones absolutely not, and work on the latter.

Safe monitoring architecture

It is essential to keep in mind at all times that a monitoring system contains key information for a possible intruder. If monitoring falls into the wrong hands, your system will be compromised. That is why it is so important to devote time to the architecture of your monitoring system, whatever it may be.

Carry out a first analysis, collecting the requirements and scope of your monitoring strategy:

  • Identify what systems you are going to monitor and catalogue their security levels.
  • Identify which profiles will have access to the monitoring system.
  • Identify how you will obtain information from those systems, whether through probes/agents or remote data.
  • Identify who is responsible for the systems you are going to monitor.

The architecture of a system will have, whatever the chosen software, the following elements and will have to take into account its network topology, its resources and the way to protect them properly:

  1. Information display interface (web console, heavy application).
  2. Data storage (usually a relational database).
  3. Information collectors (intermediate servers, pollers, collectors, etc.).
  4. Agents (optional).
  5. Notification system (alerts, notices, etc.).

Monitoring system securing

No matter how correct the implementation of a system, its architecture and its design as a whole is, if one of the elements that make it up is violated, the damage it may suffer by a malicious attack compromises the entire structure. For this reason, in security there is a saying, “Security is a chain and your real security always depends on its weakest point.”

This list of security concepts applied to the architecture of a monitoring system can be summarized as the features that a monitoring product must have to ensure maximum security in an implementation:

  • Encrypted traffic between all its components.
  • High availability of all its components.
  • Integrated backup.
  • Double access authentication.
  • Delegated authentication system (LDAP, AD, SAML, Kerberos, etc.).
  • ACL and user profiling.
  • Internal audit.
  • Password policy.
  • Sensitive data encryption.
  • Credential containers.
  • Monitoring of restricted areas/indirect access.
  • Installation without superuser.
  • Safe agent/server architecture (passive).
  • Centralized and distributed update system.
  • 24/7 support.
  • Clear vulnerability management policy by the manufacturer.

Monitoring infrastructure basic securing

The management console, monitoring servers and other elements should never be on an accessible public network. The console should always be protected on an internal network, protected by firewalls and, if possible, on a network independent from other management systems.

The operating systems that host the monitoring infrastructure should not be used for other purposes: for example, to reuse the database for other applications, nor the base operating systems to run other applications.

Safe and encrypted traffic

You should make sure that your system supports SSL/TLS encryption and certificates at both ends at all levels: user operation, communication between components or sending data from the agent to the servers.

If you are going to use agents in unsafe locations, it is highly recommended that you force all external agents to use certificate-based authentication at both ends, to avoid receiving information from unauthorized sources and to prevent information collected by agents to not travel transparently.

On the other hand, it is very important for you to activate encryption on your web server to provide an encrypted administration console and prevent any attacker from seeing access credentials, remote system passwords or confidential information.

Full High Availability

For all elements: database, servers, agents and console.

Integrated backup

The tool itself should make this as easy as possible, as settings and data are often highly distributed and consistent backup is complex.

Clear vulnerability management policy by the manufacturer

Every day, dozens of independent auditors test the strengths and weaknesses of all kinds of business applications. They seek to gain a foothold in the sector by publishing an unknown ruling to increase their reputation. Many clients, as part of their internal security management processes, execute external and internal security audits that target their IT infrastructure.

Be that as it may, all products have security flaws, the question is: how are those flaws handled? Transparency, diligence and communication are essential to prevent customers from having problems derived from vulnerabilities in the software they use. It is essential that there is a clear policy in this regard, so that it is known which public vulnerabilities have been reported, when they have been corrected and if a new one is detected, the steps to follow for notification, mitigation and distribution to the end customer.

Dual authentication system

Pandora FMS has an -optional- system based on google authenticator that allows forcing its use for all users for security policies. This will make user access to the administration console much safer, preventing that due to privilege escalation the system can be accessed as administrator, which is, at best, the highest risk that can be run.

Delegated authentication system

Complementary to the previous one, you can delegate management console authentication to authenticate against LDAP, Active Directory, or SAML. It will enable a centralized access management, and combined with the double authentication system your access will become much safer.

ACL and user profiling

Identify and assign different users to specific people. Do not use generic users, assign only the necessary permissions and do not use “super administrators”. They are good practices not only for monitoring tools but for any business software implementation with access to sensitive information.

Nowadays, any professional tool to define an access profile for each user will do so in such a way that no user has “absolute control”, but only has the minimum required access to their functions.

Internal audit system

You must have a system in place to record all user actions, including information on altered or deleted fields. Said system must be able to be exported abroad so that not even the administrator user can alter said records.

Password policy

A basic element that allows you to enforce a strict password management policy for access to application users: minimum password size, password type, their reuse, forced change once in a while, etc.

Sensitive data encryption

The system must allow the most sensitive data to be stored encrypted and safely, such as access credentials, monitoring element custom fields, etc. Even if the system itself contains the encryption “seed”, it will always be much more difficult for a potential attacker to access this information.

Credential containers

Or an equivalent system for the administrator to delegate credential use to other users who use said credentials to monitor elements without seeing the passwords contained in the container.

Restricted area monitoring

In these systems, information will be collected remotely by a satellite server and will be available to be collected from the central system (in Pandora FMS through a specific component called Sync server). That way, data can be collected from a network without access to the outside, ideal for very restrictive environments where the impact is drastically reduced if an attacker takes over the system.

Agent remote management locking system

For critical security environments, where the agent cannot be remotely managed once it is configured. This is especially critical in monitoring, since if a system is compromised and its administration is accessed, by the way the system is configured itself, it will have access to all systems from where it receives information. In critical systems, the remote management capacity must be deactivated, even if that makes administration more tricky. The same applies to automatic updates on the agent.

Design of safe architecture for communication with agents

Sometimes known as passive communication. That way, agents will not listen to a port nor have remote access from the console. They are the ones who will connect to the central system to ask for instructions.

Installation without root

Pandora FMS can be installed in environments with custom paths without running with root. In some banking environments, it is a requirement that we meet.

Notification and reporting system (alerts, notices, etc.)

A monitoring system is only useful if it shows accurate information when it is needed. Alert or weekly report reception is the culmination of all the previous work and for that you will have to take into account some “obvious” points that are often overlooked. Protect those systems, wherever they may be.

Periodic updates

All manufacturers now distribute regular updates, which include both bug fixes and security problems. In our case, we publish updates approximately every five weeks. It is essential to update systems as soon as possible, because when a vulnerability is reported, product managers ask external security researchers who have reported the bug, not to publish anything about the vulnerability until a patch is published. Once the patch is published, the researcher will publish the information in more detail as wished, a fact that can be used to exploit and attack non-updated software versions.

Pandora FMS has a vulnerability disclosure public policy as well as a public catalog of known and reported vulnerabilities. Our policy has maximum transparency and full communication with security researchers, always to mitigate the impact of any security problem and to be able to protect our clients as a top priority.

24/7 support

In our support, the technician who answers the phone has the whole team backing him up. If there is a security issue and a security patch has to be published within hours. We not only have the technology to spread the patch to all our customers, but also the team to develop it in record time.

Base system securing

Hardening or system securing is a key point in the global security strategy of a company. As manufacturers, we issue a series of recommendations to carry out a safe installation of all Pandora FMS components, based on a standard RHEL7 platform or its equivalent Centos7. These same recommendations are valid for any other monitoring system:

Hardening checklist for monitoring base system:

  • System access credentials.
  • Superuser access management.
  • System access audit.
  • SSH securing.
  • Web server securing.
  • DB server securing.
  • Server minimization.
  • Local monitoring.

Access credentials

To access the system, nominative access users will be created, without privileges and with access restricted to their needs. Ideally, the authentication of each user should be integrated with a double authentication system, based on token. There are free and safe alternatives such as Google Authenticator that can be easily integrated into Linux, although outside the scope of this guide. Seriously consider its use.

If it is necessary to create other users for applications, they must be users without remote access (for this, it is necessary to deactivate their Shell or some equivalent method).

Superuser access through sudo

In the event that certain users must have administrator permissions, SUDO will be used.

Base system access audit

It is necessary to have the security log /var/log/secure active and monitor those logs with monitoring (which we will see later).

By default CentOS has this enabled. If not, just check the /etc/rsyslog.conf or /etc/syslog.conf file.

We recommend you to take the logs from the audit system and collect them with an external log management system. Pandora FMS can do it easily and it will be useful to set alerts or review them centrally in case of need.

SSH server securing

The SSH server allows you to remotely connect to your Linux systems to execute commands, so it is a critical point and must be secured by paying attention to the following points:

  • Modify default port.
  • Disable root login.
  • Disable port forwarding.
  • Disable tunneling.
  • Remove SSH keys for remote root access.
  • Investigate the source of keys for remote access. To do this, look at the content of the file /home/xxxx/.ssh/authorized_keys and see which machines they are from. Delete them if you think there shouldn’t be any.
  • Establish a standard remote access banner that clearly explains that the server is a private access server and that anyone without credentials should log out.

MySQL server securing

Listening port. If MySQL server has to provide service to the outside, just check that the root credentials are safe. If MySQL only gives service to an internal element, make sure that it only listens on localhost.

Web server securing

We will modify the configuration to hide the Apache and OS version in the server information headers.

If you use SSL, disable unsafe methods. We recommend the use of TLS 1.3 only.

System service minimizing

This technique can be very exhaustive. It consists simply of eliminating everything that is not necessary in the system. Thus we avoid possible problems in the future with poorly configured applications that we really did not need and that can be vulnerable in the future.

Local monitoring

All the internal monitoring systems would have to be monitored to the highest level, specially information registries. In our case the following active controls in addition to the standard controls are always recommended:

  • Active security Plugin.
  • Complete system inventory (specially users and installed packages).
  • System logs and server security.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.

透過X-FORT解構非常規操作行為

內部威脅的範圍可能與一般認知不同,不一定如組織所想像的直接。除了當前的員工和管理人員外,還可能是可以存取特定系統的前員工,第三方顧問或業務合作夥伴都可能是內部威脅。

業界相關研究表明,將近20%的員工可以存取組織內的所有敏感資訊,這意味著,任何知道組織的網路資源和IT生態系如何運作的人,都可能成為內部威脅。阻止內部人員竊取重要資訊是一項非常艱鉅的挑戰,但仍有一些方法可以減輕惡意內部人員相關的風險,並檢測可能洩漏組織關鍵業務和敏感資料的異常行為。

大多數網路安全專業人員可能接觸過,在應對網路攻擊時使用入侵威脅指標(Indicator of Compromise,IoC)的相關訓練。但這種方法的性質屬於事後檢視,偵測使用者行為方面結果並非十分有效。再把場景切換到在家工作模式,則更是令安全專業人員感到挫折,因為它消滅了傳統習慣的明確保護邊境。以往資訊安全防護系統,如 Endpoint Security、SIEM、EDR、IDP、UTM、Firewall等,都是針對外部入侵及攻擊行為所設計,它們也的確很成功。但應用到發掘內部人員威脅活動,可能就存在許多限制:

為了釐清觀念,一般在分析攻擊手法時也會用到行為指標,分析攻擊階段的各種技術手法,來判斷遭到入侵的跡象;但這些系統所觀察的是設備的活動現象,並不是我們討論的使用者行為。

 

內部人員相較於外部攻擊組織,本質屬性有很大的不同

  • 合法的使用者
  • 熟悉內部資訊系統與網路環境
  • 擁有合法的存取權
  • 在工作上常態接觸重要資訊
  • 使用的設備可能不在既有的保護範圍內

基於這些特性,觀察設備活動指標就沒辦法區分內部威脅活動;有些產品具備行為基準線分析,不可否認的,對固定角色的伺服器很有效,很容易分析出異常,但是人的活動就沒那麼單純。

再者,組織內部的業務活動所產生的流量,有65%是在區域網路內(Local traffic),這代表很多行為根本不會經過邊境設備的過濾。

 

事件和行為的差別

對於資安系統來說,每一個事件都是單獨觸發的,詳實記錄系統所發生的事情。然而這樣的記錄本身並不能描述有意義的行為,具備前後上下文(Context)組合才有意義。對於行為指標而言,加入附件、螢幕截圖、貼上截圖、外部收件者這種關連事件組合,才是一個可以理解的觀察行為。

以下是幾個行為描述的例子

  • 使用者從企業內部網路,更改為連接手機分享熱點,然後再次返回。
  • 使用者將程式碼上傳到 Git Hub或未知的雲端儲存。
  • 使用者將內部網站資訊下載到外接儲存裝置。

利用行為指標描述來制定相關偵測規則,將大幅減少需要追查的事件和誤報。依據端點使用者的操作行為和使用者的活動歷史、上下文資訊,動態規則可允許該行為繼續執行。例如在一個會議上,會議召集人想要一份簡報,我們可以存到USB儲存裝置交付。若依照傳統規則,只會單純的禁止存檔至USB ,沒辦法適應業務狀況。

大多數安全解決方案訴求重點在設備事件,而不是以人的行為活動為中心。然而,無論企業資安建置得多麼完善,人員仍然是最不可預期、最獨立的變數。員工必須有效、安全的完成工作,因資訊安全行為,而影響生產力將很難被企業接受。

About Version 2

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

關於精品科技
精品科技(FineArt Technology) 成立於1989年,由交大實驗室中,一群志同道合的學長學弟所組合而成的團隊,為一家專業的軟體研發公司。從國內第一套中文桌上排版系統開始,到投入手寫辨識領域,憑藉著程式最小、速度最快、辨識最準等優異特性,獲得許多國際大廠的合作與肯定。歷經二十個寒暑,精品科技所推出的產品,無不廣受客戶好評。

FinTech’s popularity signals that it’s time to get serious about apps

The risks surrounding mobile apps have increased, along with the complexities of the solutions they offer. Among today’s top-ranking apps are integrated banking, e-trading, cryptocurrency and even regulatory compliance solutions. These complex applications move very real, personal and valuable data. While apps with lower complexities can still be exploited by malicious actors, the consequences of security breaches from FinTech applications can be considerably worse.

ESET has put both its time and research money where its mouth is for ten years, by helping to lower risks to smartphone users. This is most evident in ESET Mobile Security (EMS), which, since its release in 2011, has performed its protective functions across the many app types in the marketplace. EMS evolved in line with the increasingly complex mix of games, social media, mobile banking, online trading and various messaging platforms that have emerged over the past decade. Based on its popularity, it has taken the sting out of many common user mistakes and carelessness with mobile apps.

Our interest in FinTech can be mapped to a long-term focus on Android banking malware, a topic ESET focused several years of its threat research and product development on. Next, moves were made to collaborate with Google to protect Google Play, and even Chrome itself. And now, we set out to protect and raise consumer and business awareness via a new source – market research. Our FinTech consumer and business surveys set out to quantify and understand the risks people are willing to take to reap the benefits of FinTech.

We surveyed 10,000 consumers and 1,200 business leaders in a variety of industries across the UK, US, Australia, Japan, Mexico and Brazil. Respondents from both consumer and business perspectives were asked an extensive series of questions on the topics of financial technology and cybersecurity, and their impacts on securing finances in a COVIDian world, particularly in light of the coronavirus lockdowns.

While apps continued to increase in popularity, no one could have foreseen the effects of the pandemic on our digital lives. Amid regional and national lockdowns, and restrictions on physical businesses, we turned to our digital devices, and apps, more than ever. The interest in using FinTech platforms and solutions has been magnified, and as a result, it is even more imperative that app security is taken seriously.

Our market research clearly illustrated the popularity of FinTech solutions for both consumers and businesses, with almost two-thirds (62%) of consumers worldwide using some form of FinTech app or platform. In addition, over two-thirds (68%) of business leaders expect their companies’ investments in FinTech to increase in 2021/2022, and 81% of senior managers surveyed agree that COVID-19 has increased the need for improved security of finances.

However, of the 42% of global consumers that use a free FinTech application or platform, half do not know if the app they use sells their data. Additionally, only 31% of people say they read the terms and conditions of a FinTech application before downloading it, and only 29% read the privacy policy. Even among the one in five consumers worldwide who rate themselves as advanced in tech proficiency, 31% do not use a password manager. Although consumers who used four or more FinTech apps were more likely to have security software installed, and therefore, be better protected, information surrounding the risks of FinTech apps is lacking. Only 17% of consumers strongly felt that the quality of information available on the potential risks related to the usage of FinTech applications – such as digital wallets, budgeting apps, or e-trading apps – is adequate​.

For businesses, FinTech solutions offer streamlined, advanced and efficient processes to manage finances, and security is clearly a key priority with 72% of businesses actively investing in new technologies for better security of finances, and 81% of senior business leaders reporting that they adopt a cybersecurity-first approach when investing in new technology solutions. Although both FinTech solutions and cybersecurity are top of mind for many businesses across the world, the risk cybercriminals pose remains weighty.

Over half (58%) of businesses surveyed are confident in their security stances, while acknowledging that they are likely to be impacted by a cybersecurity incident. Of these businesses, those in information, research, and analysis (93%), and accounting, banking, and finance (87%) industries were most likely to think a cybersecurity incident would impact them. With 45% of businesses having experienced a cyber breach in the past, the security of FinTech platforms and apps is paramount to an organization’s financial security, and perhaps more pressingly, to its post-COVID-19 economic recovery.

There is no doubt about it – FinTech apps are here to stay. Whether you’re a casual user of a budgeting app or trading platform, or a global corporation using FinTech solutions to increase efficiency and profit, the security of your financial and personal data is paramount. Applications are able to take complicated concepts and platforms and distill them into user-friendly, easily accessible platforms, and for this exact reason, it can be all too easy to overlook whose hands data is falling into, and how it can be exploited. The security and safety of applications, especially, but not limited to, FinTech, must be considered just as important as overall user experience and benefit. Without comprehensive security, the benefits of FinTech applications cannot be fully appreciated, because the consequences of botched financial security are simply too high.

For more insight into FinTech for business and consumers, check out our blog. For security tips around FinTech, read more at WeLiveSecurity.com.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

×