Authentic8 Blog Category: Customers

Update on Meltdown and Spectre Exploits

Three months ago, the industry was on high alert due to the publication of two new security exploits: Meltdown and Spectre see my prior post on this topic.

Since then, Authentic8 has aggressively updated its software at both the system and application level, from kernel to browser (and every patch in between). We have been actively monitoring our systems for security issues, as we always have and will continue to do.

These attacks did not represent a qualitative change in the security landscape but were a reminder that threats are always present. Some are known; most are probably not.

The Meltdown and Spectre threat reminds us that monitoring and rapid response are vital to our security and, by extension, the security of our customers.

While we haven’t seen any in-the-wild exploits that take advantage of Meltdown and Spectre, security breaches attributed to the lack of basic IT hygiene continue unabated.

We encourage you to re-assess - continuously - your basic security

Customer Spotlight: Employee Benefit Services

img_2014-09-02_EBS

CUSTOMERS

Employee Benefits Specialists, Inc. (EBS) is a national company that provides a comprehensive menu of benefits to organizations ranging from small businesses to national corporations and municipalities. EBS services include online enrollment and eligibility management, flex spending accounts, COBRA and retiree administration, voluntary insurance and invoice reconciliation and eligibility tracking. With so many services and programs to administer, ensuring the confidentiality of client data is both challenging and absolutely essential, because EBS is an active participant in their clients’ health care programs.

 

We are in the browser dealing with HIPAA data across 40 different websites. With single sign-on and data compliance controls, Silo kills two birds with one stone!

 

What problem were you trying to solve?

Initially, we purchased Silo to ensure that our international and regular banking transactions took place in a secure browser environment. Very quickly, however, we realized that Silo could address a major challenge for our Reconciliation Team. The Reconciliation team creates invoices for clients to send

Customer Spotlight: Northshore Dental Associates

img_2014-07-16_Northshore-Dental

CUSTOMERS

Northshore Dental Associates serves the Muskegon and West Michigan communities with comprehensive dental services. Northshore Dental believes there is a strong connection between oral and general health, and that good dental health is the foundation of a healthy well-being. Northshore Dental’s staff focuses on general and cosmetic dentistry and is committed to partnering with patients in delivering professional care in a comfortable environment.


"We feel more secure about sensitive client data and HIPAA regulated data in the browser."


What problem were you trying to solve?

Like any healthcare service provider, Northshore Dental deals with a variety of sensitive patient information. Personal information, such as Social Security data or client benefits data, is protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Our business staff is interacting with critical data across a variety of websites. It is common for our partners, insurance services, and health care providers to deliver information using a web-based portal. Given that a breach

Customer Spotlight: Scott B. Price & Company

CUSTOMERS

Scott B. Price and Company has been providing professional services to individuals and small businesses for over 25 years. Based in the heart of San Francisco, SBP CPA’s clients span a wide range of industries, organizational size, and structures, including individuals, partnerships, small businesses, start-up companies, non profit organizations, estates, and trusts. The firm provides accounting, tax planning and preparation services, along with accounting system design including support for QuickBooks applications to their clients. The firm has always strived to be forward thinking with respect to how technology can help them deliver better services to their clients. They were early adopters of electronic data storage and management, e-filing of tax returns, and using the web to communicate with their clientele. But the firm is very conservative when it comes to their data. Before embracing cloud-based solutions, the firm ran a rigorous process to evaluate vendors, review data migration processes, ensure data integrity, and to develop a security framework covering both

Customer Spotlight: Return Path

Logo_Return-Path_518x518

CUSTOMERS | SECURITY

As a leading Email Intelligence company with researchers and analysts around the world, Return Path conducts 24x7 analysis of email and web data in order to provide better information to their subscribers. The research and certification process involves accessing web sites that are known to be compromised. This can put corporate resources at risk - both the users’ computers and sensitive company data.

What problem was Return Path looking to solve?

Security and Compliance analysts at Return Path need access to risky, malicious, and exploited websites in order to research phishing, fraudulent and otherwise corrupted properties associated with email traffic. Due to the malicious content being accessed and the browser’s inherent co-mingling of data, using the default browser on the user’s computer was not an option.

Users needed a separate browser that was fully insulated from the work environment. Analysts could time-share a dedicated PC, which was re-imaged after each research session. Or they could create a virtual