
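CyberLink FaceMe® Heads to the 2022 Taipei Smart City Expo, Showcasing AI Solutions for Smart Security, Smart IoT, and Smart Finance

[Taipei, February 9, 2022] CyberLink (5203.TW), a leading AI vendor, announced that it will hold the "2022 New Opportunities in Smart Security" seminar on February 23, 2022. The seminar will introduce the multi-person, dynamic facial recognition solution in the new FaceMe® Security 7 release, which provides access control and attendance tracking along with pandemic-prevention functions such as mask detection and body temperature measurement. It suits a variety of settings, including smart offices, smart factories, and smart buildings, and it also introduces a new "search by image" smart face search function. In addition, industry experts from Intel®, Network Optix, and VIVOTEK have been invited to share the latest applications of AI on edge devices and the latest trends in the security industry.

With the pandemic ongoing, taking temperatures and wearing masks have become a daily routine for employees going to work. However, measuring with forehead thermometers and clocking in by swiping a card not only incur unnecessary labor and time costs but also carry a potential contact risk. CyberLink's FaceMe® Security dynamic facial recognition software lets employees "scan their face" without deliberately standing in front of the camera: walking naturally is enough to complete facial recognition. Attendance clock-in, mask detection, and temperature measurement, all essential tasks in the post-pandemic era, are completed together within 1 second, giving enterprises "zero-contact" access control and employee health management.

FaceMe® Security is compatible with existing IP cameras, edge devices, workstations, and servers. There is no need to fully upgrade security equipment; only additional software installation and some computers or workstations capable of facial recognition are required, so that at less than 20% of the cost, enterprises can seamlessly upgrade to face-based access control, pandemic prevention, and other applications.

CyberLink also works with security vendors such as VIVOTEK and Network Optix to integrate the FaceMe® Security solution into mainstream video management systems (VMS). When a specific person or event is detected, an alert is sent in real time to help security staff respond quickly.

To strengthen the AI computing capability of IoT devices, FaceMe® has also been optimized for a number of Intel® IoT services, improving computing performance and flexibility for enterprises adopting AI facial recognition on Intel® platforms. CyberLink is a member of the Intel® IoT Solutions Alliance; by deepening its cooperation with Intel®, CyberLink will accelerate its rollout of real-world applications in smart security and AIoT.

"2022 New Opportunities in Smart Security" Seminar Event Information

  • Time: February 23, 2022, 13:30 – 16:30
  • Venue: Hua Nan Bank International Convention Center, Conference Hall 201 (2F, No. 123, Songren Rd., Xinyi Dist., Taipei City)
  • The event will also be live-streamed online
  • Event link: https://mailchi.mp/cyberlink/solutions_day_2022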

About Version 2

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

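About CyberLink
Founded in 1996, CyberLink is a multimedia software company with top-tier video and audio technology, specializing in the research and development of digital audio/video software and multimedia streaming application solutions. With a strategy of "seizing the right technology segments and expanding global marketing reach," it is deeply rooted in Taiwan with a global presence and has delivered outstanding results. CyberLink uses advanced technology to deliver flawless high-definition audio and video playback, and cutting-edge technology to provide complete high-definition capture, editing, authoring, and burning functions, with full support for a wide range of high-definition video and audio formats. Its products include PowerDirector, PowerDVD, PowerProducer, and Power2Go.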

Your Weekly ICS / OT Security News Digest – March 10th

Our research team has put together all of the most relevant news topics in the ICS, IT, Ransomware & OT security fields, as well as their impacts and their expert recommendations:

ICS:

  1. Title: Access:7 Vulnerabilities Impact SCADA, Medical and IoT Devices
    Description: Seven vulnerabilities, tracked as Access:7, have been found in Parametric Technology Corporation’s (PTC) Axeda agent, used for remote access and management of over 150 connected devices from more than 100 vendors. Three of these flaws can be exploited to achieve remote code execution [1].
    Besides healthcare-related technologies, these flaws also affect SCADA systems, asset monitoring technologies, IoT gateways, and more [2].
    These are supply chain vulnerabilities, as Access:7 affects a solution sold to device manufacturers that did not develop their remote servicing system.

Attack Parameters: These vulnerabilities can be exploited by command injection, buffer overflow, and directory traversal.
Impact: Up to full compromise (RCE, DoS, sensitive data exposure, configuration modification, and specific services shut down)
SCADAfence Coverage: The SCADAfence Platform detects OS command injection and path traversal.

Recommendations: PTC has released patches for these vulnerabilities [3].

  2. Title: TLStorm Vulnerabilities Impact APC Smart-UPS
    Description: Three critical vulnerabilities in smart uninterruptible power supply (UPS) devices, dubbed TLStorm, could allow for remote takeover. APC is a subsidiary of Schneider Electric, one of the leading vendors of UPS devices. UPS devices provide emergency backup power for mission-critical assets that require high availability [4].

Attack Parameters: These vulnerabilities can be exploited remotely. Two zero-click vulnerabilities are in the implementation of the TLS protocol that connects the devices to the Schneider Electric management cloud.
Impact: Up to full compromise (information theft, configuration modification, RCE).
This could allow attackers to disrupt business services or cause physical damage by taking down critical infrastructure.
Recommendations: Schneider Electric released patches for these vulnerabilities.

Additional mitigations include:

  1. Deploying access control lists in which the UPS devices are only allowed to communicate with a small set of management devices and the Schneider Electric Cloud via encrypted communication.
  2. Changing the default NMC password and installing a publicly-signed SSL certificate.

IT:

  1. Title: Microsoft March Patch Tuesday

Description: Microsoft fixed 71 vulnerabilities, three of these critical, as they allow remote code execution. This Patch Tuesday also included fixes for three zero-day vulnerabilities [5].

While these vulnerabilities haven’t been used in attacks, there are public PoC exploits for two of the zero-day vulnerabilities, one of them allowing remote code execution.

The remote code execution flaws which are more likely to be targeted are CVE-2022-23277 (Microsoft Exchange Server), CVE-2022-21990 (Remote Desktop Client), and CVE-2022-24508 (Windows SMBv3 Client/Server) [6].

Attack Parameters: Different for each vulnerability, though many can be exploited remotely.
Impact: Up to full compromise (privilege escalation, information disclosure, DoS, RCE).
SCADAfence Coverage:

  1. The SCADAfence Platform provides the ability to detect anomalous SMB activity.
  2. The CVEs mentioned above will be added to the Roadmap upon available POCs.

SCADAfence Recommendations:

  1. Microsoft has released patches for these vulnerabilities.
  2. RDP and SMB connections can be tracked with User Activity Analyzer.

Ransomware:

  1. Title: Conti Ransomware Operation Leaks
    Description: A Ukrainian researcher leaked messages taken from the Conti and Ryuk ransomware gang’s private chat server. The information in these messages included bitcoin addresses, evading law enforcement, how they conduct their attacks, the source code for the administrative panel, the BazarBackdoor API, screenshots of storage servers, and more. A password-protected archive containing the source code for the Conti ransomware encryptor, decryptor, and builder was leaked as well. While the leaker did not share the password, another researcher cracked it, allowing everyone access to the source code [7].

Impact: The source code provides insight into how the malware works. However, the availability of the source code could lead other threat actors to attempt to launch their own operations using the leaked code.
It is not yet clear how this data breach will affect Conti’s operation.

  2. Title: Lapsus$ Extortion Group – NVIDIA and Samsung Breaches
    Description: Over the past two weeks, the Lapsus$ extortion gang breached two international companies – NVIDIA and Samsung Electronics.
    The Lapsus$ gang broke into NVIDIA’s network, stole information and threatened to leak it unless the company removes the LHR limitations in the GeForce RTX 30 Series. The gang stole confidential information, the source code of its Deep Learning technology (DLSS), and more [8]. Employee credentials were leaked and two expired code signing certificates were stolen. These were used to sign malware and tools, such as Cobalt Strike and Mimikatz [9].
    A week later, the gang hit Samsung Electronics and exfiltrated data, including internal company data, the source code related to its Galaxy devices, the source code for trusted applets installed within TrustZone, algorithms for biometric authentication, and confidential data from its chip supplier Qualcomm [10].
    Targets: NVIDIA, Samsung Electronics, Qualcomm
    Impact: Part of NVIDIA’s business was offline for two days. In the case of Samsung, the breach could provide a pathway into Samsung devices, rendering them vulnerable [11].

SCADAfence Coverage: The SCADAfence Platform detects the use of Cobalt Strike and Mimikatz. Further investigation is pending the publication of additional technical information.
Recommendations: Following are additional best practice recommendations:

  1. Make sure secure offline backups of critical systems are available and up-to-date.
  2. Apply the latest security patches on the assets in the network.
  3. Use unique passwords and multi-factor authentication on authentication paths to OT assets.
  4. Encrypt sensitive data when possible.
  5. Educate staff about the risks and methods of ransomware attacks and how to avoid infection.

  3. Title: RagnarLocker Ransomware
    Description: The Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple US critical infrastructure sectors [12].
    Targets: Entities in the critical manufacturing, energy, financial services, government, and information technology sectors.

Attack Parameters: RagnarLocker frequently changes obfuscation techniques to avoid detection and prevention. IOCs associated with RagnarLocker activity were released, including information on attack infrastructure, Bitcoin addresses used to collect ransom demands, and email addresses used by the gang’s operators.
Impact: Unknown due to limited information published.

SCADAfence Coverage: The SCADAfence Platform detects the use of CMD to execute commands and the attempt to stop services, both techniques used by the gang.
Recommendations: The FBI advised against paying a ransom, and encouraged businesses to report any ransomware attacks to help prevent future incidents. An advisory was published providing IOCs that can be used to detect and defend against this ransomware.
Following are additional best practices recommendations:

  1. Make sure secure offline backups of critical systems are available and up-to-date.
  2. Apply the latest security patches on the assets in the network.
  3. Use unique passwords and multi-factor authentication on authentication paths to OT assets.
  4. Encrypt sensitive data when possible.
  5. Educate staff about the risks and methods of ransomware attacks and how to avoid infection.

  4. Title: Toyota Production Affected by Cyberattack
    Description: A system failure at one of Toyota’s suppliers of vital parts, Kojima Industries, caused Toyota to suspend the operation of 28 production lines in 14 plants in Japan [13]. Although Kojima has not published any official information, the company’s website was offline and Japanese news outlets claimed that the disruption is a result of a cyberattack. This attack could be linked to Japan’s sanctions on Moscow, though there is no confirmation of a Russian connection.
    Attack Parameters: Unknown due to limited information published.

Impact: The expected impact is a 5% drop in Toyota’s monthly production in Japan, which translates to roughly 13,000 units.
Recommendations: Unknown due to limited information published.

Additional Resources:

[1] https://www.bleepingcomputer.com/news/security/access-7-vulnerabilities-impact-medical-and-iot-devices/, https://www.ptc.com/en/support/article/CS363561

[2] https://www.darkreading.com/vulnerabilities-threats/medical-and-iot-devices-from-more-than-100-vendors-vulnerable-to-attack

[3] https://www.forescout.com/resources/access-7-supply-chain-vulnerabilities-can-allow-unwelcomed-access-to-your-medical-and-iot-devices/

[4] https://threatpost.com/zero-click-flaws-ups-critical-infratructure/178810/, https://info.armis.com/rs/645-PDC-047/images/Armis-TLStorm-WP%20%281%29.pdf

[5] https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2022-patch-tuesday-fixes-71-flaws-3-zero-days/, https://threatpost.com/microsoft-zero-days-critical-bugsmarch-patch-tuesday/178817/

[6] https://www.darkreading.com/vulnerabilities-threats/microsoft-patches-critical-exchange-server-flaw

[7] https://www.bleepingcomputer.com/news/security/conti-ransomware-source-code-leaked-by-ukrainian-researcher/

[8] https://thehackernews.com/2022/03/hackers-who-broke-into-nvidias-network.html, https://www.bleepingcomputer.com/news/security/hackers-to-nvidia-remove-mining-cap-or-we-leak-hardware-data/

[9] https://www.securityweek.com/credentials-71000-nvidia-employees-leaked-following-cyberattack, https://www.bleepingcomputer.com/news/security/malware-now-using-nvidias-stolen-code-signing-certificates/

[10] https://thehackernews.com/2022/03/samsung-confirms-data-breach-after.html, https://www.bleepingcomputer.com/news/security/samsung-confirms-hackers-stole-galaxy-devices-source-code/

[11] https://threatpost.com/samsung-lapsus-ransomware-source-code/178791/

[12] https://www.bleepingcomputer.com/news/security/fbi-ransomware-gang-breached-52-us-critical-infrastructure-orgs/

[13] https://www.bleepingcomputer.com/news/security/toyota-halts-production-after-reported-cyberattack-on-supplier/, https://threatpost.com/toyota-to-close-japan-plants-after-suspected-cyberattack/178686/

About SCADAfence
SCADAfence helps companies with large-scale operational technology (OT) networks embrace the benefits of industrial IoT by reducing cyber risks and mitigating operational threats. Our non-intrusive platform provides full coverage of large-scale networks, offering best-in-class detection accuracy, asset discovery and user experience. The platform seamlessly integrates OT security within existing security operations, bridging the IT/OT convergence gap. SCADAfence secures OT networks in manufacturing, building management and critical infrastructure industries. We deliver security and visibility for some of world’s most complex OT networks, including Europe’s largest manufacturing facility. With SCADAfence, companies can operate securely, reliably and efficiently as they go through the digital transformation journey.

Data Loss Prevention, Guide for 2022

Data is the most precious asset a company has, from copyrights and client lists to sensitive information about employees. Most data is now in electronic form. It is created and accessed through software, databases, and other tools, making it vulnerable to loss and theft. 

Let’s start with a real-life experience. When working with an advertising agency, one of my colleagues sent an internal document with all invoices, including prices related to an essential client, to their account manager’s email address. But unfortunately, instead of choosing the Company/Account she chose the client Company – and the client ended up with a ready-made argument on how to lower their fee. The colleague soon became an ex-colleague, and the client left the agency shortly afterward.
Even though this scenario may seem like an exaggeration, these kinds of mistakes happen in every company. Furthermore, they are compounded by malicious intent, such as a disgruntled employee stealing a client’s database to sell to a competitor, or a contractor downloading a list of every transaction made.

What is Data loss prevention? How to take care of your data security  

Data loss prevention (DLP) is simply a process of securing your sensitive data from being lost, accessed by unauthorized persons, or misused. This process usually uses a tool, such as a DLP software platform, to classify data and determine what to protect, and then protects that data by implementing and enforcing security policies.

This approach is not only in the company’s business interest, but also legally required by regulations such as GDPR, HIPAA and PCI-DSS. And of course, this process needs to be embedded into company processes and data handling. Every company, to some extent, needs to resolve the following issues:

  • Protection of intellectual property and trade secrets, which is vital for your organization’s financial results and your brand reputation.
  • Regulatory compliance: ensuring compliance with information protection and security acts, and detecting and preventing regulatory violations.
  • Insight into your organization’s effectiveness, to optimize internal processes and resources such as hardware or software use.

The Main Components of DLP: A short glossary 

Let’s take a look at DLP and what you need to take into account when setting up this process. This will come in handy when discussing the uses and advantages of specific data loss prevention software. 
 
The most important asset is data. 

  • Data at rest: data stored in archives and databases that is not actively accessed or processed. 
  • Data in motion: data in transit or in flight that is moved from one location to another, e.g., by copying or downloading. This transfer may happen within an organization’s network or outside it. Both types need to be protected and are most vulnerable to attack or threat.
  • Data in use: active data that is currently being read, processed, updated or deleted by the system. 

Data loss prevention software protects this data against some types of data incidents. These incidents may vary according to their intentionality (from mistakes to thefts) and with different levels of severity and extent. 

  • Data loss: event that results in data being deleted, corrupted, or made unavailable  
  • Data leakage/data leaks: unauthorised transmission of data 
  • Data breach: intentional or unintentional release of sensitive information 

Even though the actual name “data loss prevention” implies that it prevents data loss, most software protects against data leakage and, in some scenarios, against data breaches. The term “data loss prevention” is used so widely, and has been for such a long time, it will probably remain the preferred way to describe a solution that makes it difficult for sensitive data to be leaked or misused outside a company. 
 
These data issues can happen at endpoints, such as computers, mobile phones, tablets, printers and USBs, or on shared folders, NAS, or servers. Endpoint security is a critical part of data protection in times of hybrid work and BYOD.

The most critical process is determining the value of data, since not all data was created equal.

It is important to consider the following when determining the value of data:

  • Data identification and classification simply means discovering where the data is and if it needs to be protected, and to what extent. This process may be manual, using rules and metadata, or semi-automatic using content & context classification and end-user classification. In the future, AI and ML could theoretically enable fully automated classification (but should still be subject to human control). Data classification is done using content and context. 
  • Content of the data: if a document contains credit card numbers or hospital patient information, it would be worth preventing it from being sent to persons outside the company or even unauthorized persons within an institution. 
  • Context of the data: where and when the information was created, where was it stored, and how it was changed.
  • And finally, with all these components in place, you may be able to detect data leaks and/or prevent them. Detection means having the information after the fact (such as an alert that an employee sent a sensitive file outside the company). In contrast, prevention means making sure a leak doesn’t happen (e.g., when attempting to upload a file to the internet, the upload is blocked).    

Data loss is caused by internal and external actors. 

“Next time we run a company, no employees.” Chief data security officers would agree, since around half (from 40% to 60%, according to different sources) of data breaches are internal. They come from employees, contractors, and other actors connected to the company. What are the most common scenarios? 

Mistakes: sharing sensitive data outside a company can happen in a blink: replying to all or sending to the wrong person. This unintentional or negligent data exposure constitutes the majority of data leaks. 

Intentional disclosure of the information: an internal actor, such as an employee or a contractor, moves sensitive data outside the organization for their own benefit. 

Use of incorrect software or process: uploading a client’s file to a public repository, or using a public computer or Wi-Fi, are examples of another common problem. “Shadow IT”, i.e., the use of unauthorized software and services, may be reduced through employee training, but data loss prevention software can solve this issue systematically, for example by blocking data transfers to those services.

Theft or loss of devices: hybrid work results in the increased portability of company devices and therefore more occasions for loss or theft. You may remember the Secret Service agent’s stolen laptop that contained Hillary Clinton’s emails. Or read our article about the risks of external devices.

Data loss prevention software: why and how to choose   

DLP software identifies, detects, and protects an organization’s sensitive data, whether it is at rest, in motion or in use on its different endpoints.

The main advantages of data loss prevention software are protecting a company’s reputation and upholding its business value by detecting or preventing data leaks. In the first case, it lets you take appropriate measures and mitigate incidents; in the second, it prevents incidents from even happening. In the wrong email address example, detection could mean determining that a sensitive document was sent to an unauthorised address; prevention would be not allowing the employee to send the material at all.
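The content and context classification and the detection-versus-prevention distinction described above, applied to the wrong-recipient e-mail scenario, as an added example (not code from this article or from any DLP vendor). The domain names, keywords and policy table are hypothetical, and the sample messages are constructed.

```python
"""Content + context DLP check for outbound e-mail (constructed example)."""
import re
from dataclasses import dataclass, field

# Assumptions for this example: these domains, keywords and the policy
# below are hypothetical and not taken from any DLP product.
INTERNAL_DOMAINS = {"agency.example"}
INTERNAL_KEYWORDS = ("invoice", "price list", "internal only")
# 13-19 digits, optionally separated by single spaces or dashes.
CARD_CANDIDATE = re.compile(r"\b(?:\d[ -]?){13,19}\b")


def luhn_valid(digits):
    """Luhn checksum: filters out random digit runs (order ids, phone numbers)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_card_numbers(text):
    """Return masked card numbers so the DLP log never stores the raw value."""
    masked = []
    for match in CARD_CANDIDATE.finditer(text):
        digits = re.sub(r"\D", "", match.group())
        if 13 <= len(digits) <= 19 and luhn_valid(digits):
            masked.append("*" * (len(digits) - 4) + digits[-4:])
    return masked


@dataclass
class Verdict:
    action: str   # "allow", "alert" (detection) or "block" (prevention)
    label: str    # "public", "internal" or "restricted"
    reasons: list = field(default_factory=list)


def classify_content(text):
    """Content classification: what is in the message."""
    cards = find_card_numbers(text)
    if cards:
        return "restricted", ["card number " + c for c in cards]
    lowered = text.lower()
    hits = [k for k in INTERNAL_KEYWORDS if k in lowered]
    if hits:
        return "internal", ["keyword '" + k + "'" for k in hits]
    return "public", []


def external_recipients(recipients):
    """Context: which recipients sit outside the organization's domains."""
    return [r for r in recipients
            if r.rsplit("@", 1)[-1].lower() not in INTERNAL_DOMAINS]


def evaluate(body, recipients):
    """Combine content and context into a detect-or-prevent decision."""
    label, reasons = classify_content(body)
    outside = external_recipients(recipients)
    if label == "public" or not outside:
        return Verdict("allow", label, reasons)
    reasons.append("external recipients: " + ", ".join(outside))
    # Restricted data is stopped before it leaves (prevention); internal
    # data is delivered but raises an alert for review (detection).
    action = "block" if label == "restricted" else "alert"
    return Verdict(action, label, reasons)


# Constructed sample messages, including the wrong-recipient case.
SAMPLES = [
    ("Attached: invoice overview with all client prices.", ["am@agency.example"]),
    ("Attached: invoice overview with all client prices.", ["buyer@client.example"]),
    ("Please charge card 4111 1111 1111 1111 today.", ["buyer@client.example"]),
    ("Ticket 1234567812345678 is closed.", ["buyer@client.example"]),
]

if __name__ == "__main__":
    for body, rcpts in SAMPLES:
        v = evaluate(body, rcpts)
        print(f"{v.action:5} {v.label:10} {rcpts[0]:22} {v.reasons}")
```

The fourth sample contains a 16-digit run that fails the Luhn check, so it is not treated as a card number and the message is allowed.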

Another long-term benefit of these solutions is employee education. Because they are warned or notified of unauthorized data-related operations, they learn and internalize the correct way to manage sensitive data. As demonstrated, the weakest link of every security solution is human. By educating employees, contractors, and other internal actors, a company can improve its data security in the long run. Some DLP platforms incorporate this already: a user can upload a sensitive file by justifying the action, knowing that everything is logged.

How to choose a DLP solution? First, you need to determine what legal frameworks apply to your company and what main scenarios you want to protect: audit and monitor your data, protect your data against insider threat or audit your company’s use of resources.  

Questions to ask potential vendors

  • Does it cover the security scenarios of your organization?  
  • Is it sufficient for the size and complexity of your organization?  

Your ideal vendor should work with you during each step to help you determine the extent of the solution you need, starting with a data management audit. Implementing data loss prevention does not stop with the choice of vendor and setting up the software. Even though it is usually the IT department who runs this initiative, all employees should be aware of the process and educated about the use of the selected software and correct data-related behavior.
 
While the end-user of DLP software is often a single technician, the information gathered offers essential information concerning company-wide issues, such as the rise in data incidents, a sudden surge of insider threat, or sub-optimal use of company resources.
 
If you want your platform not only to deliver protection and prevention when it comes to data security but also offer you valuable insights, incorporate them into your reporting stack and make it part of your data-driven management. 

Your data is your most important asset – protect it accordingly.  

Data loss prevention software helps not only protect company sensitive data against insider threat and loss but also helps to future-proof your organization when it comes to business continuity, reputation, and knowledge management. It is an important part of data-driven decision-making, helping you prevent or resolve data-related incidents and educate employees about the necessity of treating data as the most critical business asset.
 
Choosing and implementing DLP software are integral parts of a company-wide initiative for general data management and protection. Just as it is normal for a company to protect its data against external attacks by using firewalls, antimalware, and secure web gateways, it should also be natural to use DLP software to protect the data against loss and insider threat.

Why Safetica

Learn how Safetica can meet company sensitive data protection and operation audit goals.

About Safetica
Safetica aims to provide small and mid-sized companies with the same quality data protection that corporations have – affordably, and without any additional IT administration or disruptions in operation.

Awingu vs. Apache Guacamole

Comparing Apache Guacamole & Awingu

Awingu has a built-in RDP to HTML5 gateway. No wonder that we get compared to Apache Guacamole from time to time. In this blog we’ll have a look at what Guacamole is and how it compares to Awingu.

Apache Guacamole is a client-less remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH. It is client-less in the sense that it delivers apps (or desktops) in HTML5 when Guacamole is installed on the back-end. Apache Guacamole is a free and open-source platform that is maintained by the Apache community.

As a free open-source tool, it has built a solid fan base, from home users to businesses to software companies. The latter embed Guacamole in their products (VPN and firewall vendors for example; even if most of them will be secretive about it).

How can they be compared exactly?

Awingu does not rely on Apache Guacamole

For starters, let’s be clear about this: Awingu does not use (build on, rely on) Apache Guacamole. Awingu uses its own proprietary HTML5 gateway. I frequently hear the false claim that Awingu used Guacamole… and while this is true for a number of competitors in our space, it is certainly not for Awingu.

Awingu is a commercial product

Secondly, Awingu is a commercial product with a commercial organization around it. So this means we have extensive product documentation, technical support, technical trainings, commercial models for channel partners, contractual obligations, etc. That obviously means we sell our product and don’t offer it for free. I guess that’s the first big difference. Who will you call when you have a problem? What happens when there are security vulnerabilities identified? And so on.

This also extends into the organization behind Awingu. We are a very security and compliance focused organization, e.g. we are ISO27001 certified. I need of course to be very cautious as there is no such thing as absolute security: we continuously get pen-tested (by customers, internally and by neutral third parties) and always pass the bar; moreover, our roadmap is very security / Zero Trust focused (with capabilities such as MFA, SSL, context awareness, usage audit, …). Apache Guacamole was hit by a pretty severe vulnerability in July 2020. Since then, 5 other CVEs (Common Vulnerabilities and Exposures) have been identified (and fixed!).

Furthermore, it means that we not only have a wide channel ecosystem with trained and certified engineers that covers big parts of the globe; but also that we have a set of tested technology partnerships (e.g. BlackBerry, OpsWat, IdenProtect, …) that extend and  complement the Awingu perimeter.

Differences on technology level

Thirdly, if we take a look at the technology perspective there are also some obvious (and less obvious) differences. Awingu was built with the idea that it should be simple to deploy and work with, for Windows or Linux admins. I think it’s not a false statement to claim Guacamole has most fans in the Linux and open-source communities.

Now, let’s take a deeper look in the architecture and features (this will not be an exhaustive list, but I try to list the main differences):

Some similarities:

  • HTML5 gateway & protocols supported: Guacamole supports SSH, VNC and RDP. From that list, Awingu supports RDP. However, Awingu also supports WebDAV as well as CIFS, and Awingu’s built-in reverse proxy supports web applications.
  • Similar(ish) features for published applications:
    • HTML5 access (browser-based access)
    • Virtual keyboard
    • Virtual (pdf) printer
    • Session sharing and session recording
    • MFA TOTP built-in, incl. support for RADIUS
  • Also similar to Awingu, Guacamole is not built to render highly graphical applications (e.g. 3D rendering), video or run video/voice calls

… and some differences:

  • File server access:
    • Awingu includes access to file servers via WebDAV or CIFS via the Awingu ‘files’ section. Files can be opened from Awingu ‘files’ with associated published applications
    • Via Awingu files, one can also ‘share’ files (large or small) similar to the functioning of WeTransfer (with the exception that you don’t need to upload your file(s) into a 3rd party cloud)
  • Awingu comes with a built-in Reverse proxy to enable access to (internal) web applications without the need for RDP (nor RDS CALs)
  • UX:
    • I’m too biased to judge on the intuitiveness and look and feel of the workspace front-end. I’m not going to comment on it 😊
    • Multi-monitor capabilities in Awingu are better developed with multiple options (more on this feature)
  • Smartcard support (in-app usage): Awingu can support the use of smartcard (e.g. eID card) within applications (e.g. reading an eID card info) with the support of its RAH (Remote Application Helper). The RAH is the only exception in Awingu’s HTML5 centric story. The RAH is an agent that needs to be installed on the local computer (Windows, MacOS or Linux). Guacamole does not support in-app usage.
  • Security & compliance: Awingu also comes with…
    • built-in Context Awareness capabilities (e.g. based on location or IP address as context)
    • built-in usage audit and anomaly detection (which can be hooked-up into a SIEM)
    • Single Sign-On (SSO) capabilities over SAML or OpenID Connect without vaulting passwords in the Awingu appliance. Guacamole does support SSO, but leverages password caching. We believe the Awingu setup is more secure.
    • SSL encryption built-in
  • Also, from an architecture perspective there are differences:
    • Awingu is delivered as a virtual appliance, while Guacamole requires installing multiple services (or multiple Docker containers that need to be linked). We believe the virtual appliance not only offers significant benefits in speed of deployment but especially stands out in simplicity.
    • Inside the Guacamole server, Guacamole behaves differently than Awingu, as it leverages an internal translation protocol (RDP → Guacamole protocol → HTML5) while Awingu does not. This makes Awingu a more resource-optimized HTML5 gateway (but obviously, Awingu runs a lot of other services on the same virtual appliance).
    • Awingu can enable HA (High Availability). In a multi-node deployment, Awingu can fail-over between nodes when issues arise.
    • Awingu comes with out-of-the-box multi-tenancy.

Conclusion

So, Guacamole vs. Awingu? A lot of similarities, but even more differences. This blog post is based on our knowledge of Guacamole – which might not be complete, we don’t pretend to be Guacamole experts – and takes a deeper look into those elements that we hear our customers mostly talk about.

Speaking of those Awingu customers, it could be interesting to know that they typically belong to the following groups:

  • Organizations (public or private) that enable:
    • Work from Home
    • Contractor Access
    • Secure intra-network access
  • Cloud/managed service providers that offer their customers a digital workspace
  • ISVs (making legacy applications available in the browser, just like SaaS)


About Parallels 
Parallels® is a global leader in cross-platform solutions, enabling businesses and individuals to access and use the applications and files they need on any device or operating system. Parallels helps customers leverage the best technology available, whether it’s Windows, Linux, macOS, iOS, Android or the cloud.

About Ceeyu
Ceeyu provides a cloud-based, outside-in analysis of a company’s digital presence. This posture analysis displays all IT assets visible to any internet user, including malicious ones who apply a similar analysis to gather intelligence and determine their attack paths. Ceeyu aims to quickly expand its intelligence gathering, help standardize the results, and automate the analysis to minimize its cost and provide continuous, near real-time posture analysis.

About Toreon
Toreon is the largest cybersecurity expert services company of Flemish origin. Grown from a team of specialized professionals, the company has expanded rapidly and organically. Toreon analyses the cybersecurity posture from the inside out. A cybersecurity analysis can quickly require between 100 and 200 different scans, resulting in information that itself requires analysis. To optimize its services to its customers, and also to optimize its internal expert resources, Toreon has started to automate these analyses, and aims to further expand this process automation by adding automated intelligence.

About VUB Labs
The VUB Software Languages Lab and the VUB Artificial Intelligence Lab are both innovative engineering departments from one of the leading Flemish universities in Belgium. Both have a long-standing scientific and industry-supporting background. Their expertise in applying AI-based automation and fuzzing technologies will support the technology companies throughout the two-year project.

About LSEC
LSEC, an industry association that celebrates its 20th anniversary in 2022, will be focusing on the standardization work for automated postures, in relation to third-party risk management analysis and relaying to developing industry standards in the US and EU. For more information, please contact Ulrich Seldeslachts, MD LSEC, Sebastien Deleersnyder, CTO Toreon, or any of the industry and scientific partners.

Password Strength: How to Create Strong Passwords for Credentials?

Having an efficient password policy is critical to the cybersecurity of companies, since easy-to-guess passwords make scams by malicious actors easier. For the same reason, reusing passwords is a risky practice.

In 2021, more than 8.4 billion passwords from people all over the world were leaked and posted under the name ‘RockYou2021’ in an online forum. What did they have in common? They used between 6 and 20 characters, without spaces, numbers, or symbols.

Other characteristics of easy-to-steal passwords include birthdays and sequences of repeated digits. Proper names, numerical combinations, and the word Brazil are also often found in leaked passwords of Brazilian users, in addition to the sequence 123456.

We have prepared this article especially to help you keep your company protected. In it, we will propose positive actions for an effective password policy. They are as follows:

  • Change Passwords Frequently
  • Use Software that Alerts You About the Change
  • Join an Account Lockout System
  • Train Your Employees
  • Do Not Use the Same Password for All Accounts
  • Create Strong Passwords
  • Have a Password Manager
  • Adopt Multifactor Authentication in Your Company’s Routine

Read it until the end!

Why Should You Adopt a Secure Password Policy?

We know hackers take advantage of the weakness of corporate passwords in most cyber-invasions. 

Therefore, regardless of the size or industry of an organization, it is essential to have a secure password policy. After all, by adopting it, one avoids invasions that generate inconvenience and financial losses, in addition to preventing the company’s credibility from coming into question.

In practice, the password policy establishes rules to be followed by the entire team, ensuring the adoption of security requirements when creating passwords for accessing corporate devices and systems.

In the next topic, we cover some criteria you should adopt when establishing a password policy for your business. 

 

Positive Actions for an Effective Password Policy

You now understand the importance of creating a secure password policy for your company. Now, let’s show you how this can be done. Keep reading our text!

  • Change Passwords Frequently

It is believed that using the same password in different applications and services makes access easier for malicious users. When we reduce the number of logins made with the same password, we also reduce the chances that it is shared and becomes available to third parties.

However, the usefulness of this measure has been questioned. Microsoft itself stopped asking for the periodic change of passwords, considering this method useless. According to this report in Isto É Dinheiro, Aaron Margosis, a cybersecurity consultant at Microsoft, stated it is necessary to change the password only if it is stolen.

Despite this debate, periodic password changes are still recommended. For this reason, the following topic explains software that issues alerts when it is time to change them.

  • Use Software that Alerts You About the Change

There is specific software that warns about the need to change passwords. It works as follows: when you try to access the computer after some time, you see a pop-up warning you that you need to change your password to proceed. If you don’t, you will not be able to access the system.

These pieces of software are very useful because, over time, it is very common for people to get comfortable and fail to change their passwords within a certain time.

  • Join an Account Lockout System

Account lockout is a very important practice that blocks access after a certain number of attempts. This feature prevents someone from trying to access a system by testing multiple passwords until they reach their goal. That guessing technique is known as brute force and is often used by malicious attackers to gain unauthorized access to these systems.

To get a sense of the importance this feature has, it is widely used by e-mail services and various websites.
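The lockout behaviour described above can be sketched as follows. This is an added example, not code from the original article or from any product it mentions; the threshold, the counting window, the lock duration and the names `LockoutTracker` and `replay` are assumptions chosen for illustration, and the login events are constructed.

```python
from dataclasses import dataclass, field

MAX_FAILURES = 5        # assumed threshold; the article only says "a certain number"
WINDOW_SECONDS = 900    # assumed: failures older than this no longer count
LOCK_SECONDS = 1800     # assumed lock duration


@dataclass
class LockoutTracker:
    failures: dict = field(default_factory=dict)      # user -> failure timestamps
    locked_until: dict = field(default_factory=dict)  # user -> unlock time

    def is_locked(self, user, now):
        return now < self.locked_until.get(user, 0)

    def record(self, user, success, now):
        """Return 'locked', 'ok' or 'failed' for one login attempt."""
        if self.is_locked(user, now):
            return "locked"  # even a correct password is refused while locked
        if success:
            self.failures.pop(user, None)  # a good login resets the counter
            return "ok"
        recent = [t for t in self.failures.get(user, []) if now - t < WINDOW_SECONDS]
        recent.append(now)
        self.failures[user] = recent
        if len(recent) >= MAX_FAILURES:
            self.locked_until[user] = now + LOCK_SECONDS
            self.failures.pop(user, None)
        return "failed"


def replay(events):
    """Feed (timestamp, user, password_correct) tuples through a fresh tracker."""
    tracker = LockoutTracker()
    return [tracker.record(user, ok, ts) for ts, user, ok in events]


# Constructed sample events: (timestamp in seconds, user, password_correct)
SAMPLE_EVENTS = (
    [(i * 10, "alice", False) for i in range(5)]  # five quick failures, t=0..40
    + [(50, "alice", True)]                       # correct guess arrives while locked
    + [(60, "bob", False), (70, "bob", True)]     # a single typo does not lock bob
    + [(40 + LOCK_SECONDS, "alice", True)]        # lock has expired
)
```

The sixth event is the one that matters: once the account is locked, a correct password is refused as well, which is what stops a guessing run from succeeding on a later try.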

  • Train Your Employees

If you are at the head of an organization, you should know that, in addition to investing in technology to ensure information security, you need to give your employees awareness training so that they can identify and avoid threats.

Many people are unaware of the risks involved in accessing corporate systems. In these cases, it is necessary to introduce good practices and enforce them to prevent cyberattacks, including password theft. 

It is also important that this training is continuous, since technology advances every day, as do the techniques used by malicious agents.

  • Do Not Use the Same Password for All Accounts

If someone manages to steal your password from social media, for example, it is very likely they will test it on your other services, causing much more damage if you use the same password to connect to different online platforms.

Therefore, when establishing a password policy, remember to recommend that your employees have a different password for each online environment they access.

  • Create Strong Passwords

It is not enough to use passwords to access systems. It is necessary to resort to strategies that make it possible to increase the security level of the passwords used. After all, hackers often analyze users and attempt the invasion by testing obvious possibilities such as birthdates, relatives’ names, and short words.

In these cases, we recommend requiring a minimum number of characters and combining uppercase and lowercase letters, numbers, and symbols.
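A policy check along these lines could look like the following. This is an added example, not code from the original article; the minimum length, the short list of common sequences and the function name `policy_violations` are assumptions, and the sample passwords in the usage are constructed.

```python
import re

MIN_LENGTH = 12  # assumed minimum; the article does not give a number
COMMON_SEQUENCES = ("123456", "abcdef", "qwerty", "password")  # constructed short list

# The four character classes the article asks to combine.
# Anything that is not an ASCII letter or digit counts as a symbol here.
CHARACTER_CLASSES = {
    "lowercase letter": r"[a-z]",
    "uppercase letter": r"[A-Z]",
    "number": r"[0-9]",
    "symbol": r"[^A-Za-z0-9]",
}


def policy_violations(password, personal_terms=()):
    """Return the list of rules `password` breaks (an empty list means accepted).

    personal_terms: strings tied to the user, such as names or birth dates.
    """
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    for name, pattern in CHARACTER_CLASSES.items():
        if not re.search(pattern, password):
            problems.append("missing " + name)
    if any(seq in lowered for seq in COMMON_SEQUENCES):
        problems.append("contains a common sequence")
    if re.search(r"(\d)\1{2,}", password):  # the same digit three or more times in a row
        problems.append("repeated digits")
    if any(term and term.lower() in lowered for term in personal_terms):
        problems.append("contains personal information")
    return problems
```

Calling `policy_violations("Brazil123456", personal_terms=("Brazil",))` reports a missing symbol, a common sequence and personal information, even though the password meets the length rule and mixes letters and numbers.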

  • Have a Password Management Solution

If you follow the fifth and sixth tips in this article, your employees will have to remember a lot of complex passwords, which can be quite difficult. That’s where a password management solution comes into play.

This kind of solution stores passwords, making work easier for users, who only need to remember the password used to access the manager itself. What’s more, password managers also suggest passwords that are unlikely to be discovered.

Of course, like all other apps, they can be breached. Therefore, it is essential to use an extremely secure master password.

  • Adopt Multifactor Authentication in Your Company’s Routine

One of the ways to create a secure password policy is to adopt multifactor authentication (MFA). This solution brings together different mechanisms to prevent intrusions, which are:

  • Knowledge Factor: something the user knows, such as a password;
  • Ownership Factor: something the user owns, such as a token; and
  • Inherence Factor: something that relates to who they are, as in the case of biometrics.

But remember an important detail: in the multifactor authentication, the mechanisms must be independent of each other to guarantee the protection of a system. This means that if one of the factors gives access to the other, your organization is not protected.

By reading this article, you learned what you should do to create an effective password policy for your organization. Did you like our text? Share it with someone else who is interested in the topic. 

 



About Segura®
Segura® strives to ensure the sovereignty of companies over actions and privileged information. To this end, we work against data theft through traceability of administrator actions on networks, servers, databases and a multitude of devices. In addition, we pursue compliance with auditing requirements and the most demanding standards, including PCI DSS, Sarbanes-Oxley, ISO 27001 and HIPAA.
