Wednesday, June 21, 2017

Ohanae Announces the Ohanae Trusted Collaboration Platform on the Salesforce AppExchange, the World’s Leading Enterprise Apps Marketplace


Delivers information governance and compliance by empowering companies to share files securely with anyone in a whole new way


San Francisco, June 28, 2017– Ohanae; today announced the Ohanae Trusted Collaboration Platform available on the Salesforce AppExchange, empowering businesses to connect with their customers, partners, and employees in entirely new ways. 

Ohanae delivers TRUST by reimagining information governance and compliance to let users directly connect with customers, increase partner success, and drive employee productivity.  Ohanae offers a comprehensive, mobile-native approach to digital risk monitoring for information assets, from endpoint to endpoint.  Ohanae protects passwords and data from any type of file, on many devices and in the cloud, and securely shares that with anyone.  Ohanae's unique approach allows security to travel with shared files.  This gives organizations full visibility and control over all communications at all times no matter where they are or what platform they may be on.

Built on the Salesforce Platform, Ohanae Trusted Collaboration Platform is currently available on the AppExchange at http://sforce.co/2922uJ5

Information Governance and Compliance

The reality today is that files are usually stored and shared in cleartext, unencrypted, with no visibility and no control.  Many users lack access to, or ignore encryption capabilities, as they create and share their files.

Native Encryption Here Now

Companies need one platform to connect everything.  Now available on the AppExchange, Ohanae’s Trusted Collaboration Platform extends the boundary of the world’s most trusted enterprise cloud by providing native encryption for users of Salesforce. 

Ohanae protects files wherever they travel, giving full visibility, control, and nailing compliance with mandatory government regulations.

Digital Risk Monitoring for Information Assets

Organizations don’t buy security software because it's the right thing to do or to get a return on investment.  They buy it to fill a need, to mitigate a risk or to comply with regulatory requirements.

“Ohanae identifies assets that need protection and risks that require mitigation strategies and controls", said Greg Hauw, founder and CEO, Ohanae. “When organizations are breached and data is compromised, Ohanae is a critical part of an incident response playbook that meets regulatory requirements.”

“Everyone and everything is getting smarter and more connected than ever before, and companies are looking to transform the way they connect with customers, partners and employees,” said Kori O’Brien, SVP, ISV Sales, Salesforce. “By leveraging the power of the Salesforce Platform, Ohanae provides customers with an exciting new way to share files securely.”

Ohanae's Trusted Collaboration Platform Key Features

Ohanae empowers companies to share files securely through a consistent sharing app across many mobile and desktop platforms. 

  • You may share files securely via Salesforce Chatter/Libraries,/Files, email attachment, iMessage and access the shared files from any device installed with the Ohanae sharing app.

  • You can also create, share, and keep files securely in file synchronization & sharing services such as Box, Dropbox, Google Drive, and OneDrive, while permitting a secure and familiar access from any device.

  • Enterprise subscription is priced at $15 per user/month inclusive of Force.com embedded edition user license, Ohanae sharing app license for iOS, Android, Universal Windows Platform, macOS, and Windows Desktop. 

  • Role-based access control based on Salesforce Identity, document tracking and revocation, device centric endpoint data protection, and 1-Tap Login password management.


About Salesforce AppExchange

Salesforce AppExchange is the world’s leading enterprise apps marketplace that empowers companies to sell, service, market and engage in entirely new ways. With 3,500 partner apps and more than 4 million customer installs, it is the most comprehensive source of cloud, mobile, social, IoT, analytics and artificial intelligence technologies for businesses.

Salesforce AppExchange and others are among the trademarks of salesforce.com, Inc.

About Ohanae

California-based Ohanae delivers TRUST by reimagining information governance and compliance to let you directly connect with customers, increase partner success, and drive employee productivity like never before.  Ohanae offers a comprehensive, mobile-native approach to digital risk monitoring for information assets, from endpoint to endpoint.  Ohanae protects passwords and data from any type of file, on all popular devices and in the cloud, and securely shares that with anyone.  Ohanae is unique because it allows security to travel with shared files. This gives organizations full visibility and control over all communications.

Ohanae is the federally registered trademark of Ohanae, Inc.


###

Tuesday, October 25, 2016

Whoever Wins the White House, This Year’s Big Loser Is Email

Hackers exploited connected "smart" devices for massive cyberattack to disrupt major websites across U.S.  Private security group says Russia was behind John Podesta’s email hack, email has proven to be an embarrassment of ways to conveniently communicate with one another. Let’s analyze the basic mystery buried in the emails: Why were all these people discussing so much over email in the first place? The answer, of course, is that email is as tempting as it is inescapable, for Mrs. Clinton as well as for the rest of us. More than 50 years after its birth, email exerts an uncanny hold on all of our internal affairs.

The sudden exposure of the Clinton campaign email cache is perhaps the ultimate evidence that we have all overcommitted to email — we have put too much in it, expected too much from it, and now, finally, we are seeing the spectacular signs of its impending destruction.

Email is simply not up to the rigors of modern political and business life. It lulls us into a sense of unguarded security that it never delivers. It entices us to spill our darkest secrets, and then makes those secrets available to any halfway decent hacker. There are several alternatives that could take its place, without the same pitfalls, and the Clinton cache shows why we would be wise to adopt one of them.

What about iMessage?

Let’s pour one out for email, which has had quite a run and move on to something else. Picture yourself, the Clinton campaign uses iMessage to convey news, to set out tactics and strategy, to theorize, to push back, to gossip. It is used in place of phone calls and face-to-face meetings; it is used as a daily calendar and a collaborative whiteboard. Having a single place to discuss everything makes teams more efficient.

Millions and millions of people use iMessage every day. But how many people know exactly what’s going on behind the scenes, or what happens to a message once you send it?
To over simplify it: imagine you have a mail box. This box has two keys. One key lets you drop mail into the mail slot, and one key lets you take mail out. The input key and the pickup key are entirely different; one can never be used to replace the other. You can give away a million copies of your input key, and no one could use it to do anything but put mail in. Unless they find a copy of your pickup key or find a weakness in the way your mailbox was designed, your message is safe.

This is the thinking behind iMessage and public-key cryptography. Your “public key” is like the mail slot key. You can share it with the world, and anyone can encrypt messages to send to you. But the public key only works in one direction. Once a message is encrypted, that public key can’t be used to decrypt it, or reverse the encryption. Once encrypted, your private key (the mail pickup key) is the only way to restore the message to its original readable form.

How iMessage works?

When a user first enables iMessage, your device creates two sets of private and public keys: one set for encrypting data, and one set for signing data (verify that the encrypted text has not been modified after it was sent to the server. If these two things ever do not match up, red flags start going off.)

Your public keys are sent to Apple’s servers. Your private keys are stored on your device. Apple never sees your private keys.

When someone starts an iMessage conversation with you, they fetch your public key(s) from Apple’s servers. Before that message leaves the sender’s device, it’s encrypted into something that only your device knows how to decrypt.

Apple quietly released a document in May 2016 that breaks it all down. 

File Compliance Management for iMessage
Now you can select a shared file created by Ohanae (.oha) from Dropbox from within iMessage, and share your work in-line while you are chatting with teammates.

While the Apple iMessage provides enterprise-grade security for content at rest, those protections stop the moment files are shared, emailed, or downloaded from the iMessage.  That’s where Ohanae steps in to protect your files anywhere they travel, giving you full visibility, control, and assisting your compliance with mandatory government regulations.

Ohanae alleviates data-sovereignty concerns by making it easier to encrypt data and control the encryption.  Eventually, everyone will come to their senses and realize that the real solution for data sovereignty is encryption, not building data centers in various countries.


Download a copy of the Ohanae Technical Overview here: Ohanae for Salesforce on AppExchange

Tuesday, September 13, 2016

U.S. officials investigating hacking into more state election systems


Witnessing the many destructive cyberattacks, it is now clear that nobody is safe. 


U.S. officials are expanding their investigation into the hacking of state election systems as officials believe more states beyond just Arizona and Illinois were affected, a government official has confirmed to CBS News. The U.S. believes that people working for the Russian government are behind the hack of internal emails at the Democratic National Committee, officials confirmed to CBS News.

Enterprise social networks could potentially replace email if implemented correctly


Salesforce Chatter has radically evolved to meet the increasing demands of enterprise collaboration. Chatter has delivers significant benefits for enterprise including increased productivity, engagement, visibility and responsiveness.

Contextual communications
Discussions grouped by Account, Opportunity or any other record give greater depth of understanding.

Sharing in groups
Create centers of excellence that are easily accessible for information and questions.

Sharing files
Unlike email, links to files are updated when a file is modified so you always get the latest version, categorized for easy searching.

Gauge feedback
Use polls to quickly gauge demand or get feedback from your user-base.

Prioritizing topics
 Understand what the pressing issues are with popular discussed topics bubbling to the top.

Influencers
Know who is really influencing the organization by understanding the influencers.

Communities
Involve your customers in conversations, leveraging groups and communities allowing for quick response to critical questions.

Leveraging the feed
Create a task, create a case… Salesforce’s vision is that users will be able to do everything from the feed.

Include Chatter Free users
Even users without a Salesforce license cane benefit from Chatter … for free!

Comply with regulations, maintain confidentiality, share with confidence


Companies need one platform to connect everything. The Salesforce App Cloud is trusted by customers worldwide to keep their most critical data secure. While the Salesforce App Cloud provides enterprise-grade security for content at rest, those protections stop the moment files are shared, emailed, or downloaded from the cloud. That’s where Ohanae steps in to protect your files anywhere they travel, giving you full visibility, control, and assisting your compliance with mandatory government regulations.

Ohanae is fully integrated into the Salesforce App Cloud. Ohanae delivers compliance management for files through secure file sharing in a whole new way. Ohanae protects passwords and data from any type of file, on all popular devices and in the cloud, and securely shares that with anyone. Ohanae is unique because it allows security to travel with shared files. This gives organizations full visibility and control over all communications.


Compliance Management for Files


Wednesday, June 15, 2016

Extending the Boundary of the World’s Most Trusted Enterprise Cloud

Ohanae empowers companies to share files securely with anyone in a whole new way



Trust is Our #1 Value

Companies need one platform to connect everything.  Ohanae is fully integrated into the Salesforce platform.  The Salesforce platform is trusted by customers worldwide to keep their most critical data secure.  While the Salesforce platform provides enterprise-grade security for content at rest, those protections stop the moment files are shared, emailed, or downloaded from the cloud.  That’s where Ohanae steps in to protect your files anywhere they travel, giving you full visibility, control, and assisting your compliance with mandatory government regulations.  With Ohanae, your business can be more productive and agile, and deliver new levels of trust.


Secure content beyond Salesforce, in mobile devices, email, social, and file shares

Organizations share information.  The reality today is that files are usually stored and shared in cleartext, unencrypted, with no visibility and no control.  The majority of users lack access to, or ignore encryption capabilities, as they create and share their files. With Ohanae, whether your employees are emailing sensitive attachments, passing around financial models on easily-lost USB flash drives, or are using unsanctioned cloud storage tools, you can be confident that all internal and external collaborations are secure.

Secure File Sharing with Anyone in a Whole New Way

Ohanae secures file sharing service for Salesforce Chatter enterprise social network, Salesforce Files and file synchronization & sharing tools (Box, Dropbox, Google Drive, OneDrive), and email attachments to make the sharing of files and passwords safer, faster, and more private.  Ohanae is unique because it allows security to travel with shared files. This gives organizations full visibility and control over all communications. Once a document is protected, even if it is copied on a USB flash drive, stored on your laptop or on your mobile phone, stored in any cloud provider’s storage of your choice, the document carries the same protection. Ohanae goes further than typical encryption technology by adding policies and yet, Ohanae never has access to the data.


Ohanae for Salesforce Summer ’16 Release

  • Secures the flow of protected files resident on all user’s devices, as well as those in the cloud. Ohanae encrypts all important file types, then lets these files be used by everyone in a user’s collaboration group (not just within the user’s organization).  In short, users can now securely share any content with anyone, whether they are inside the group, or not. Outsiders can sign up for a free Ohanae Personal account. This offer lets the users external to the organization consume and produce protected content on a single device of their choice (Personal Premium subscriptions are also available @ $2 per user/month with multiple devices support).
  • Logical role-based access control (Company, Role, Group, User) based on Salesforce Identity with additional universal rights management powers such as document tracking, revocation, and limited-time access support.  
  • The easy to use mobile sharing app can be downloaded from popular app stores (Apple App Store, Google Play, and Windows Store).  The desktop sharing app (Windows Desktop, and Mac OS) is designed for experienced users who require added functionalities.    An Ohanae for Salesforce managed package can be downloaded today from the Salesforce AppExchange.
  • Enterprises can designate specific folders within Salesforce Files, Box, Dropbox, Google Drive, OneDrive and automatically extend extra protection and data control to documents placed in those folders. Then, as those files are shared, downloaded, or emailed, Ohanae’s protection follows the files wherever they go. For businesses who are highly collaborative externally, this is a great way to ensure protection of content that extends beyond the usual shadow-IT file synchronization and sharing tools.
  • Trust is achieved when security is paired with visibility and control. When files are emailed outside of an organization, or downloaded from a shared link, enterprise protections are often lost.  By protecting files with Ohanae, you always retain the ability to see exactly where that file has traveled, who has accessed it, even when   an unauthorized access is attempted.
  • Ohanae permits you to instantly revoke access to files and devices:  It’s like having a recall button that actually works.

To experience how you can empower your company to share its files securely with anyone in a whole new way, try out Ohanae for Salesforce, it’s available on the AppExchange today.

Friday, August 21, 2015

Secure File Sharing in a Whole New Way

Now Everyone Gets to See Ashley Madison Data

Cyberattack. Your network is compromised. Hackers behind the Ashley Madison breach, the popular online dating website aimed at people hoping to cheat on their spouses, have dumped 9.7 gigabytes worth of stolen user account and payment information online. The hack includes corporate financial documents along with maps of Avid Life Media’s internal network. Trusted corporate networks no longer exist once the perimeter security is broken. Security tools such as firewalls, IPS systems, access controls, no longer protect your data. Mobile, cloud, IoT and APIs are creating a massive complexity that is rendering traditional modes of security ineffective. As your users, their devices, and applications move outside the safe and cozy confines of the corporate network, the old paradigm fails and a new approach is needed for secure collaboration and file sharing.

Moving to the Cloud

Each business has different needs and every business will reap distinct benefits from cloud solutions. Many CIOs hesitate to fully embrace a cloud-first approach. Their hesitation stems in part from an anxiety embracing a wide range of privacy and security related issues. Businesses want to retain control of their data and they want that data to be kept secure and private, all while maintaining transparency and assuring compliance.

The Need for Platform Encryption

Security and trust are major factors in every company’s evaluation of public cloud services such as the Salesforce Customer Success Platform. Companies will only use cloud providers who they greatly trust. They seek assurances that the privacy of their information and files will be highly protected; that their data will be used only in a way that is consistent with their expectations. Salesforce customers in particular are choosing which business functions to run on the Salesforce1 Platform, what applications they can build to extend those functions, and what data they need to store there to enable those functions. Customers increasingly use the Salesforce1 Platform to build applications that require PII and other sensitive, confidential, or proprietary data. Given the sensitive data stored on the Salesforce1 Platform, smart customers demand additional layers of protection beyond the standard security measures such as authentication, single sign-on, access controls, and activity monitoring as to when and how they protect their data.

Together We Deliver a Trusted Cloud

Besides platform encryption, private and shared files from enterprise social networks, file syncing and sharing, email attachments, network drives, physical USB flash drives, all these need file security with integrated access control as a last line of defense. Even if your network has been compromised by an advanced threat or by an insider and files have been leaked, your enterprise maintains visibility over those files, and ensures they are under your control. You may securely share files with anyone and retain complete tracking to see who accesses your files.

The Secure File Sharing Platform

Ohanae delivers secure file sharing in a whole new way. Unlike lesser solutions, Ohanae takes a two-prong approach to secure both your passwords and files through zero knowledge encryption. Ohanae’s unique system allows security to travel with shared files preserving the organization’s full visibility and control. Our patent-pending technology ensures passwords are not stored anywhere and are dynamically created and erased locally on your device. Ohanae is the secure file sharing platform for enterprise social networking, file syncing & sharing, making the sharing of files and passwords safer, faster, and more private. Ohanae allows users to easily create, share, and keep files in the cloud, yet permitting a secure and simple access from any device. The Ohanae solution is easy to install and use without any disruption to normal workflows. Users can download the Ohanae app from all the popular app stores. It’s easy, it’s powerful, and it’s here now!

Saturday, January 3, 2015

Corporate America, you've been hacked

Sony Cyberattack, First a Nuisance, Swiftly Grew Into a Firestorm. More than 100 terabytes of internal files and films had been stolen, internal data centers had been wiped clean, and 75 percent of the servers had been destroyed. The F.B.I. found that the hackers had used digital techniques to steal the credentials and passwords from a systems administrator who had maximum access to Sony’s computer systems. Once in control of the gateways, theft of the information was relatively easy.

As we bear witness to the destructive cyberattacks on Sony Pictures, it becomes clear that nobody is safe, we are entering an entirely new era of “cyber-vandalism”.  Those who do not implement cloud data protection will be the next ripe targets. Those who do not change their approach to cloud data protection will lose. The Sony hack has taught us so much. It’s taught us to send corporate email as if everyone is reading those emails. It’s taught us that people in Hollywood are just as mean as people in any other industry, with equally fragile reputation.   Bottom line: This hack is estimated to cost Sony $100 million after all is said and done, and jeopardizes executive careers.

Trust No One…Encrypt Everything

Cloud-First, Mobile-First era requires businesses to adopt the discipline of Trust No One, Encrypt Everything! The Sony hack could have been mitigated if these stolen files had been uniquely encrypted, with only the authorized users (internal/external) in the shared list (embedded in the document header) able to decrypt the files; and, most importantly, if the decryption could only be carried out from an authorized computer or mobile device.

Assume you’re Always under Attack

Enterprise IT is heavily relying on security features provided by cloud vendors but most of the SaaS vendors do not make security a first priority, and so they fail to provide sufficient data governance, data privacy, data sovereignty, and built-in compliance. CIOs and CISOs have realized that maintaining enterprise-grade security in cloud application usage is a shared responsibility, as traditional infrastructure security technologies that are based on the idea of perimeter defense have become obsolete. The perimeter is dead; mobile devices wounded it and the cloud finished it off. Applications today are mobile, so security must be built to move with them.

Ohanae develops security tools to facilitate secure document collaboration using enterprise social platforms, and file sync and share tools that are based on the core assumption that it is impossible to tell good from bad. Our security models focus on eliminating attack vectors, and move away from the never-ending battle of separating “good” from “bad”.

Secure Document Collaboration for Salesforce Users

Ohanae offers near boundless innovations for these new approaches by securing your files in Salesforce cloud, along with your Salesforce credentials. Unlike anyone else, Ohanae takes this two-prong approach to fully secure your data through zero knowledge encryption resulting in:
  • Easy to use secure file sharing via Chatter and Communities, Salesforce Files guest link, Skype, iMessage, email attachment, and USB flash drive.
  • Assurance that sensitive files in the Salesforce Files are encrypted and only you have the encryption key.
  • Access to unique complex passwords without the need to remember them.
  • Full-fledged logging in compliance with government regulations. Ohanae monitors your private and shared files uploaded/synced to the Salesforce cloud.

How it Works?

In cases of document sharing, files are encrypted using unique encryption keys which are associated with specific recipients. This allows other Salesforce users to receive encrypted files from you without their knowing any of your critical security data, while maintaining the same level of data security.

For private files in Salesforce Files, Ohanae transparently encrypts files using a highly secure key that is generated on each use and not stored on the device or in the cloud. This encryption prevents access to documents by unauthorized users who might compromise your cloud storage account.

Finally, the password management function ensures that your Salesforce credentials are unique. These unique, highly secure passwords are dynamically created and then erased locally from your desktop or mobile devices. They are never stored on either the device or in the cloud.

Pricing and Supported Platforms

Now available for download, Ohanae is free for single device use. Multi-device business use (up to 8 devices) costs $2 per user/month. Enterprise use costs $3 per user/month with a centralized management capability from an intuitive web interface. Ohanae supports Android, iOS, Windows Phone, Windows Store App, Windows Desktop and Macintosh, Chrome, Safari, Internet Explorer, and Firefox.

Tuesday, September 2, 2014

It Could Happen to You

The recent, high profile compromise of several celebrities’ iCloud personal photo archives (see Jennifer Lawrence naked photos spark fear of mass celebrity hacking) reminds us of the inherent vulnerability of all cloud storage. Popular media now asks if Apple’s iCloud service is safe (see Is Apple's iCloud safe after leak of Jennifer Lawrence and other celebrities' nude photos), but the question should be even broader.

With massive consumer use of general file storage solutions like Dropbox, consumers should worry about compromise of these stores. The type of compromise that Jennifer Lawrence and other celebrities experienced could happen on any cloud storage provider — Dropbox, Box, Amazon Cloud Drive, Google Drive, Microsoft OneDrive, and, of course, iCloud.

As a first step, consumers must secure their access to cloud assets with strong, secure passwords which they change often. This minimizes the risk of an attacker directly accessing the consumer account using their legitimate credentials, and ensures that an attack which compromises one account can not spill over into other accounts.

However, mere password security is not enough as the celebrity iCloud compromise has shown. In this case, the compromise resulted from a flaw in Apple’s Find My iPhone feature, and did not require direct access to user credentials. In order to prevent this kind of compromise, consumers should use encryption to prevent access even when the attacker has possession of the data.

Cloud privacy protection tenants argue for both securing the access to the data (credentials) and the data itself (encryption). This allows users to store and share data in a world where they can’t trust anyone with safety, security, and without fear. Cloud data storage has revolutionized our ability to access data from anywhere, on any device, and it’s important to not let cyber criminals take that freedom from us.

Ohanae can help. Ohanae software, once installed on your mobile and computing devices, provides complete cloud privacy protection with three important features. First, passwords are managed allowing every site to have a unique, complex password, and facilitating password changing on a regular, short schedule. Second, data — both in transit to the cloud storage provider, and at rest in their data centers is encrypted. This encryption allows for access only by you on your registered devices! Finally, Ohanae provides secure filesharing. When you need to share data with others, all the protections of cloud privacy protection can move right along with the data. Ohanae does this all without storing any keys or passwords anywhere (locally or in the cloud) — ensuring that there is no single point of compromise which would reveal your data to prying eyes.

There’s nothing wrong with storing your sensitive data in the cloud — just make sure to use Cloud Privacy Protection to safeguard yourself!