Private and Confidential

AuthShield Security for Mails

Private and Confidential2

Mails – Warehouse of Information on the Go!

• E-mails are an integral part of our communication mechanisms

• Can be accessed anywhere in the world on almost every device

• Considered as written proof of communication in many countries

• Can be used to steal information or to impersonate senior members of an organization

As per Internet Crime Complaint Center (IC3) in the past fourteen months there have 1200 US and over 900 non US victims where business mails have been compromised

Private and Confidential3

Microsoft Exchange

• Microsoft Exchange had an installed base of 470 million in 2014

• Microsoft Exchange uses a propriety RPC protocol, MAPI / RPC that was designed to be used by Microsoft Outlook

• Emails hosted on exchange can also be accessed using SMTP, POP3 and IMAP4 protocols

• Many Android, iOS and Windows Mobile phones now support Exchange ActiveSync Push Email

Private and Confidential4

Why AuthShield 2FA

• Most Cyber attacks are Phishing related scams and effective in majority of cases

• A non aware user is the weakest link in the Cyber Security Chain

• Every organization needs to protect their mails as they are one of the most critical assets of an organization

Private and Confidential5

AuthShield Authentication Security

Map the physical identity of the user to the server (Two Factor Authentication)

Identify the user based on – Something he knows (user name / password Something in the users possessions

Private and Confidential6

Username, Password + Second Factor of Authentication

Access Granted Server

Username + Password

ACCESS DENIED

Hacker may have access to the Password but he cannot have access to the “Second Factor of Authentication”

Private and Confidential7

AuthShield Tokens for OWA

Hard TokenAndroid / iOS / Windows /BB Linux / Mac / Windows

Private and Confidential8

Hard Token

• Security device (Hard Token) given to authorized users

• The token generates a new password after every 90 seconds

• Each token is unique to the user and synchronized with the server based on time

• The password is based on a pre defined unbreakable randomized algorithm.

Hard Token

Private and Confidential9

Mobile Token for Smart Phones

• Application installed on smart Phones

• User identity is mapped to his smartphone

• User has to enter PIN to generate the One Time Password

• Available for all smart phones

Android / iOS / Windows /BB

Private and Confidential10

Soft Token for Desktops

• Application installed on Desktop

• User identity is mapped to his desktop

• User has to enter PIN to generate the token

• Available for all OSLinux / Mac / Windows

Private and Confidential11

AuthShield Tokens for OWA / ActiveSync / Outlook Anywhere

One Touch Authentication for Windows / Linux / Mac Systems OS

One Touch Authentication for Android / iOS / Windows Phones

Private and Confidential12

Mobile One Touch Authentication

• Maps users identity to his registered mobile phones

• Anytime a user wishes to login, a ‘PUSH’ notification is sent with details on – – IP– Location– TimeStamp

• User has to ‘Approve’ the request to login

Private and Confidential13

System One Touch Authentication

• Maps users identity to his registered Desktop / Laptop

• Anytime a user wishes to login, a ‘PUSH’ notification is sent with details on – – IP– Location– TimeStamp

• User has to ‘Approve’ the request to login

Private and Confidential14

• AuthShield Protocol Decoding Engine receives Authentication request from User

• Server validates the User name and Password from AD / LDAP

• Request is forwarded to the Authentication Server for the second factor authentication check

AuthShield Integration with Microsoft Exchange

Private and Confidential15

Private and Confidential16

User Name and Password are validated from AD

On correct validation, request is forwarded to the Authentication Server

Users device is mapped against his registered devices

In case users device is different from his registered device, an Authentication Notification sent to the registered device(s) of the user

User has to approve the Authentication request for the mails to be downloaded on his non-registered device

Process Flow

Private and Confidential17

Process Flow

Private and Confidential18

About Us

About the CompanyResearch Oriented Information Security

Organization

All technologies are indigenous - Evaluated and approved by multiple Government Agencies

Empanelled with DRDO

More than six years of experience in Cyber Security

Served key clients in Private and Public sector

Private and Confidential19

Contd.

Features Patents on 2FA with Protocol level decoding

Direct integration of 2FA with – SAP / ERP Mail servers – Microsoft Exchange,

OCMS, IBM Lotus Nodes, Zimbra etc VPN Database Queries Web Applications etc

Customized products focused on technology immersion in clients

Private and Confidential20

Contd.

Private and Confidential21

Some of our Government Clients

Delhi Police

Ministry of Home Affairs Indian Army

Ministry of Defense

National Investigation AgencyAP Police

UP Police

National Technical Research Organization

Chandigarh Police

JK Police

Private and Confidential22

Some of our other clients

Private and Confidential23

Contact Us

@ authshield2FA

+91-11-47065866/ 45272272

info@innefu.com

www.auth-shield.com / www.innefu.com

876, 8th Floor, Aggarwal Cyber Plaza II,Netaji Subhash Place, New Delhi, India

GET IN TOUCH WITH US. WE’D BE HAPPY TO HELP