Friday, August 21, 2015

Secure File Sharing in a Whole New Way

Now Everyone Gets to See Ashley Madison Data

Cyberattack. Your network is compromised. Hackers behind the Ashley Madison breach, the popular online dating website aimed at people hoping to cheat on their spouses, have dumped 9.7 gigabytes worth of stolen user account and payment information online. The hack includes corporate financial documents along with maps of Avid Life Media’s internal network. Trusted corporate networks no longer exist once the perimeter security is broken. Security tools such as firewalls, IPS systems, access controls, no longer protect your data. Mobile, cloud, IoT and APIs are creating a massive complexity that is rendering traditional modes of security ineffective. As your users, their devices, and applications move outside the safe and cozy confines of the corporate network, the old paradigm fails and a new approach is needed for secure collaboration and file sharing.

Moving to the Cloud

Each business has different needs and every business will reap distinct benefits from cloud solutions. Many CIOs hesitate to fully embrace a cloud-first approach. Their hesitation stems in part from an anxiety embracing a wide range of privacy and security related issues. Businesses want to retain control of their data and they want that data to be kept secure and private, all while maintaining transparency and assuring compliance.

The Need for Platform Encryption

Security and trust are major factors in every company’s evaluation of public cloud services such as the Salesforce Customer Success Platform. Companies will only use cloud providers who they greatly trust. They seek assurances that the privacy of their information and files will be highly protected; that their data will be used only in a way that is consistent with their expectations. Salesforce customers in particular are choosing which business functions to run on the Salesforce1 Platform, what applications they can build to extend those functions, and what data they need to store there to enable those functions. Customers increasingly use the Salesforce1 Platform to build applications that require PII and other sensitive, confidential, or proprietary data. Given the sensitive data stored on the Salesforce1 Platform, smart customers demand additional layers of protection beyond the standard security measures such as authentication, single sign-on, access controls, and activity monitoring as to when and how they protect their data.

Together We Deliver a Trusted Cloud

Besides platform encryption, private and shared files from enterprise social networks, file syncing and sharing, email attachments, network drives, physical USB flash drives, all these need file security with integrated access control as a last line of defense. Even if your network has been compromised by an advanced threat or by an insider and files have been leaked, your enterprise maintains visibility over those files, and ensures they are under your control. You may securely share files with anyone and retain complete tracking to see who accesses your files.

The Secure File Sharing Platform

Ohanae delivers secure file sharing in a whole new way. Unlike lesser solutions, Ohanae takes a two-prong approach to secure both your passwords and files through zero knowledge encryption. Ohanae’s unique system allows security to travel with shared files preserving the organization’s full visibility and control. Our patent-pending technology ensures passwords are not stored anywhere and are dynamically created and erased locally on your device. Ohanae is the secure file sharing platform for enterprise social networking, file syncing & sharing, making the sharing of files and passwords safer, faster, and more private. Ohanae allows users to easily create, share, and keep files in the cloud, yet permitting a secure and simple access from any device. The Ohanae solution is easy to install and use without any disruption to normal workflows. Users can download the Ohanae app from all the popular app stores. It’s easy, it’s powerful, and it’s here now!

Saturday, January 3, 2015

Corporate America, you've been hacked

Sony Cyberattack, First a Nuisance, Swiftly Grew Into a Firestorm. More than 100 terabytes of internal files and films had been stolen, internal data centers had been wiped clean, and 75 percent of the servers had been destroyed. The F.B.I. found that the hackers had used digital techniques to steal the credentials and passwords from a systems administrator who had maximum access to Sony’s computer systems. Once in control of the gateways, theft of the information was relatively easy.

As we bear witness to the destructive cyberattacks on Sony Pictures, it becomes clear that nobody is safe, we are entering an entirely new era of “cyber-vandalism”.  Those who do not implement cloud data protection will be the next ripe targets. Those who do not change their approach to cloud data protection will lose. The Sony hack has taught us so much. It’s taught us to send corporate email as if everyone is reading those emails. It’s taught us that people in Hollywood are just as mean as people in any other industry, with equally fragile reputation.   Bottom line: This hack is estimated to cost Sony $100 million after all is said and done, and jeopardizes executive careers.

Trust No One…Encrypt Everything

Cloud-First, Mobile-First era requires businesses to adopt the discipline of Trust No One, Encrypt Everything! The Sony hack could have been mitigated if these stolen files had been uniquely encrypted, with only the authorized users (internal/external) in the shared list (embedded in the document header) able to decrypt the files; and, most importantly, if the decryption could only be carried out from an authorized computer or mobile device.

Assume you’re Always under Attack

Enterprise IT is heavily relying on security features provided by cloud vendors but most of the SaaS vendors do not make security a first priority, and so they fail to provide sufficient data governance, data privacy, data sovereignty, and built-in compliance. CIOs and CISOs have realized that maintaining enterprise-grade security in cloud application usage is a shared responsibility, as traditional infrastructure security technologies that are based on the idea of perimeter defense have become obsolete. The perimeter is dead; mobile devices wounded it and the cloud finished it off. Applications today are mobile, so security must be built to move with them.

Ohanae develops security tools to facilitate secure document collaboration using enterprise social platforms, and file sync and share tools that are based on the core assumption that it is impossible to tell good from bad. Our security models focus on eliminating attack vectors, and move away from the never-ending battle of separating “good” from “bad”.

Secure Document Collaboration for Salesforce Users

Ohanae offers near boundless innovations for these new approaches by securing your files in Salesforce cloud, along with your Salesforce credentials. Unlike anyone else, Ohanae takes this two-prong approach to fully secure your data through zero knowledge encryption resulting in:
  • Easy to use secure file sharing via Chatter and Communities, Salesforce Files guest link, Skype, iMessage, email attachment, and USB flash drive.
  • Assurance that sensitive files in the Salesforce Files are encrypted and only you have the encryption key.
  • Access to unique complex passwords without the need to remember them.
  • Full-fledged logging in compliance with government regulations. Ohanae monitors your private and shared files uploaded/synced to the Salesforce cloud.

How it Works?

In cases of document sharing, files are encrypted using unique encryption keys which are associated with specific recipients. This allows other Salesforce users to receive encrypted files from you without their knowing any of your critical security data, while maintaining the same level of data security.

For private files in Salesforce Files, Ohanae transparently encrypts files using a highly secure key that is generated on each use and not stored on the device or in the cloud. This encryption prevents access to documents by unauthorized users who might compromise your cloud storage account.

Finally, the password management function ensures that your Salesforce credentials are unique. These unique, highly secure passwords are dynamically created and then erased locally from your desktop or mobile devices. They are never stored on either the device or in the cloud.

Pricing and Supported Platforms

Now available for download, Ohanae is free for single device use. Multi-device business use (up to 8 devices) costs $2 per user/month. Enterprise use costs $3 per user/month with a centralized management capability from an intuitive web interface. Ohanae supports Android, iOS, Windows Phone, Windows Store App, Windows Desktop and Macintosh, Chrome, Safari, Internet Explorer, and Firefox.