30 April 2013 – Wetherby, UK – Britain is a sitting duck for cybercrime because employees couldn’t care less about the security of their workplace systems, suggests new research* announced today from tokenless authentication provider, Swivel Secure.

The study reveals that almost a fifth (19%) of employees care so little about online security that they reuse the same username and password (UNP) across every single online business and personal application which, for the majority of today’s consumers, amounts to upwards of 25 different sites. Constant reuse of the same UNP greatly increases the chances of a fraudster, data thief, saboteur, friend or fellow employee obtaining and exploiting these details for criminal gain.

Contrary to popular belief,  awareness of the dangers of cybercrime amongst workers doesn’t seem to be the problem; over half (55%) of the 1,200 UK employees surveyed claim to actively track online security threats such as viruses, trojans and hackers. The real peril lies in what seems to be a widely held concensus amongst workers that cybercrime is ‘something that happens to other businesses’. Despite this disparity between awareness and action, more than three quarters of all respondents (77%) remained completely unconcerned about workplace security, suggesting that only a direct and personal experience of cybercrime will trigger a change in attitude.  Even those that are security conscious are failing to uphold basic rules; three quarters (75%) either write down or have another offline system for recording their passwords.

“This has been going on for long enough,” comments Chris Russell, VP Engineering at Swivel Secure. “The cloud’s over reliance on the username and password format has caused workers to resign themselves to the risks, and made the UK economy a sitting duck for corporate cybercrime.  The inconvenient truth is that workers are neither capable nor are they willing to maintain the complex, rolling system of passwords that today’s web environment demands.

“Analysts tell us that global spending on cyber security will exceed $68bln this year, but it is nonsensical for a business to invest heavily in firewalls, encryption and all manner of other protective technologies if its workers are effectively lowering the drawbridge to anyone that can guess their Facebook password,” continues Russell. “As our personal and professional worlds continue to collide online, businesses that are serious about protecting their data need to rethink their approach to user authentication and drop usernames and passwords for good.”

Additional research announced earlier this year from Swivel Secure (UK Bosses Slacking on Hacking, Jan 2013) suggested that the UK’s ‘corporate culture of complacency’ start at the top and trickles down to influence the attitudes and behaviours of employees.   “Action on this issue has to come from the top,” adds Russell. “The business owners and decision makers must accept that UNPs are an outdated and unworkable form of authentication for today’s online workforce. If they wait for the web to evolve around them, it will be too late.  They need to take steps now to protect their data.” 

The Swivel authentication platform was first launched in 2003. It is now used by local government, the NHS, major global enterprises and smaller businesses in over 35 countries, to remotely access their business networks, virtual desktops and cloud-based applications. A strong alternative to UNPs, the Swivel authentication platform offers the widest range of user deployment options according to Gartner, including mobile apps, SMS and interactive voice response channels.

The post Mass Employee Negligence makes UK ‘Sitting Duck’ for Cybercrime appeared first on Swivel Secure.

• SSD Server
• Smart Phone Settings
• Device PIN Entry for OTC Extraction

For a complete overview of the new features and enhancements, please review the product release document

The latest version is available to download from the Swivel Knowledgebase

The post Version 3.9.4 Now Available appeared first on Swivel Secure.

Wetherby, UK – February 28, 2013 Swivel Secure announced today that Info Security Products Guide, the industry’s leading information security research and advisory guide, has named Swivel Secure as a Gold  winner of the 2013 Global Excellence Awards in Innovation in Cloud Security and Bronze winner in Authentication Solution (Multi, Single or Two-Factor). The security industry celebrated its 9^th Annual 2013 Global Excellence Awards in San Francisco by honoring excellence in every facet of the industry including products, people behind the successes and best companies.

More than 50 judges from a broad spectrum of industry voices from around the world participated and their average scores determined the 2013 Global Excellence Awards Finalists and Winners. Winners were announced during the awards dinner and presentation on February 27, 2013 in San Francisco attended by the finalists, judges and industry peers. To apply to be a judge for the next global excellence awards program, register at http://www.infosecurityproductsguide.com/awards/judges/ now.

The Swivel authentication platform was first launched in 2003. It is now used by major global enterprises, local government, the NHS and hundreds of smaller business, in over 35 countries, to remotely access their business networks, virtual desktops and Cloud-based applications. Offering the widest range of user deployment options according to Gartner,  the leading IT industry analysts, the Swivel platform offers the choice of mobile apps, SMS and interactive voice response channels when full two-factor authentication is mandatory.

“This is fantastic news, the Info Security Products Guide’s recognition of Swivel further validates our product and Swivel Secure as a pioneer in tokenless authentication” say Chris Russell, VP Technology “This is a major endorsement to the fact that Swivel is still ahead of the curve when it comes to the best-of-the-best products that can provide the highest security within the tokenless authentication market space.” 

About Info Security Products Guide

Info Security Products Guide sponsors leading conferences and expos worldwide and plays a vital role in keeping end-users informed of the choices they can make when it comes to protecting their digital resources. It is written expressly for those who are adamant on staying informed of security threats and the preventive measure they can take. You will discover a wealth of information in this guide including tomorrow’s technology today, best deployment scenarios, people and technologies shaping info security and market research that facilitate in making the most pertinent security decisions. The Info Security Products Guide Awards recognize and honor excellence in all areas of information security. To learn more, visit www.infosecurityproductsguide.com and stay secured.

The post Wins Gold and Bronze at the 9th Annual 2013 Security Industry’s Global Excellence Awards appeared first on Swivel Secure.

The post Swivel Secure has been shortlisted in SC Mag Awards Europe appeared first on Swivel Secure.

29th January 2013 – Swivel Secure, the global leader in tokenless authentication technology today announces a number of operational changes that will deliver greater agility in its engagement with both customers and channel partners.

Flexible pricing models for resellers

In order to support increasing market demand for tokenless authentication to be offered as part of a wider managed service, Swivel today announces a new, short term, utility styled pricing scheme for channel partners operating in this market. Demand for greater flexibility in pricing has in part been driven by the increasing popularity of the Microsoft Office 365 environment for which Swivel is the only approved tokenless authentication provider.

By aligning its contract and payments terms with a managed services business model, Swivel has enabled channel partners to roll its authentication platform into their own managed service offerings without incurring the risks associated with traditional annual vendor contracts.  Offering resellers short-term contracts and monthly payments will enable them to pass on this flexibility to customers.

Having month-by-month flexibility on pricing will enable end user organisations to tailor their use of the Swivel platform over time to best suit their requirements, using whatever combination of technologies they need to fit with their security policies and compliance regulations. Unlike other tokenless authentication providers that offer managed service models, Swivel provides organisations with the flexibility to choose what to securely connect to – web, VPN, cloud or desktop – as well as the freedom to select the communication tools used to manage to the process: mobile app, SMS, telephony or web. This freedom resolves a variety of authentication headaches faced by organisations that are wrestling with the need to continually update their security policies in line with increasing demands for new devices and applications to connect to the corporate network.   

Swivel authentication platform: Shortened release cycle

Swivel has transformed its platform development and rollout procedures, adopting an agile approach, dramatically shortening the lead time between each release to just six to eight weeks. The move will simplify the process of upgrading to the latest version and accelerate the delivery of new platform enhancements to customers.

Instead of managing a substantial upgrade every six to nine months, the shortened release cycle will also enable Swivel’s customers to benefit from new features and other enhancements as they are developed.

As part of this change, release 3.9.2 updates the way configuration data is stored on the Swivel server such that when the new version of the software is deployed it does not overwrite the existing configuration but instead reads and upgrades the configuration automatically. This important development greatly reduces the time, resources and risks associated with upgrading the platform.

“These changes evidence Swivel’s intent to build greater agility and flexibility into both its daily operations and its authentication platform, in order to keep pace with the evolving market for two factor authentication,” comments Chris Russell, VP of Engineering, Swivel. “As Swivel continues to grow its global reseller base, it is vital that we continue to support our channel effectively. We take our responsibilities as a vendor seriously and have moulded our offering to suit the needs of both our partners and customers.”

The Swivel authentication platform was first launched in 2003. It is now used by major global enterprises, local government, the NHS and hundreds of smaller business, in over 35 countries, to remotely access their business networks, virtual desktops and Cloud-based applications. Offering the widest range of user deployment options according to Gartner,  the leading IT industry analysts, the Swivel platform offers the choice of mobile apps, SMS and interactive voice response channels when full two-factor authentication is mandatory.

The post Swivel Secure enhances operational agility for customers and channel partners appeared first on Swivel Secure.

What role do you see Swivel Secure playing within ISMS Forum?

Swivel brings to the Forum a new approach to authentication through its innovative tokenless and one-time-code technologies. These contribute to building a trusted digital identities ecosystem, which is crucial to making cyber space more secure.

Why do you think it is important to have a global organisation, such as Swivel Secure as a member?

Like many other global companies such as HP, IBM, Symantec, McAfee, etc. Swivel provides us with a greater understanding of innovations and trends affecting information security, which enables our members to better manage their cyber security programs. ISMS Forum also provides our members with the opportunity to understand how their technologies and solutions meet local users’ needs, expectations and concerns. This is driven by local laws and regulations, organisational cultures, and the local industry’s level of maturity and understanding of information security.

What are ISMS’s priorities for 2013?

The main priorities of ISMS Forum for the next 12 months include:

Fostering the role of security within public and private organisations. It’s time for cyber security to be acknowledged as a Board-level business risk.

Increasing the commitment of regulators and policy makers within cyber security, and promote their debate and collaboration with the private sector through activities such as information sharing and joint cyber exercises.

Continuing our ongoing objective to enhance knowledge and understanding of the risks to information security in Spain and continue to train local experts.

What do you think are the biggest security threats facing Spain over the next five years?

The lack of transparency and information sharing regarding cyber security incidents is one of the major problems affecting information security in Spain.  A dispersed and weak regulatory framework is also a barrier to improving national cyber security.

Areas such as mobile, cloud computing and critical infrastructures, which are growing in popularity, will attract more threat agents. Mobile in particular is a fast growing trend and attackers will undoubtedly make use of mobile exploits to gain access to corporate networks.

On the other hand, as devices such as smartphones, laptops and tablets do not have adequate protection in terms of encryption and password security, data loss and identity theft incidents are also likely to grow. Cloud computing and the high concentration of data stored within the cloud will also be a very attractive target for attackers.

Meanwhile, advanced persistent threats (APTs) are likely to be launched against more types of organisations, especially by those hackers that go after high value intellectual property. Critical infrastructures may also be at increased risk of cyber attacks as their control systems are increasingly connected to the internet.

The post Swivel Secure interviews Nathaly Rey, Executive Director, ISMS Forum Spain appeared first on Swivel Secure.

16 January, 2013 - Company bosses across the UK have a complacent attitude toward cybercrime and are inviting criminal attacks due to their sloppy approach to internet security, reveals new research* announced today from tokenless authentication provider, Swivel Secure.

According to the research, more than half of all business owners (51%) are ‘unconcerned’ with the security of their corporate systems, with one in four readily admitting to reusing the same username and password across all their corporate and personal accounts, from their Facebook page to their confidential corporate systems. A dramatic increase in the online activity of business owners is compounding the risks. Four out of five business owners now regularly use up to 50 websites that require a username and password whereas just five years ago, the vast majority (73%) accessed just 20 or less. Doing more online with the same username and password greatly increases the chances of a fraudster, data thief, saboteur, or even a disgruntled employee, obtaining these details and exploiting them for criminal gain.  67% also admitted to keeping a written log, or using a system of their own devising, to help them keep track of the usernames and passwords they use regularly.

“Just as the government is waking up to cybercrime we discover that company bosses are half asleep,” comments Chris Russell, VP Engineering, Swivel Secure. “The problem is that business owners think that cybercrime is something that happens to other people, without appreciating the value of the data they hold and the motivations of people who may want to access it. They read about security breaches at big multinational firms like Google and LinkedIn, but don’t realise that these same login details are probably also being used to access their own systems. It’s time business owners realised that usernames and passwords are actually not secure at all.”

“It’s a big problem that’s getting worse; company data is more at risk than ever before,” continues Russell. “Bosses and employees now want to connect their smartphones and tablets to their work systems. Flexible working is gaining in popularity, so more of us are logging in remotely. Too often, new working behaviours like these are still only protected by outdated username and password gateways. And when, inevitably, they are shared, lost, leaked or stolen, it really doesn’t matter how impenetrable your corporate firewall is because you’ve done the digital equivalent of handing over the keys to the safe.”

Perversely, almost three quarters of business owners (73%) confirmed that they do, in fact, keep track of online security threats like hackers, trojans and viruses, suggesting that the strength of their own access credentials isn’t even registering with them as a potential weak point in their security.

“The government claims cybercrime costs the UK economy £27 billion a year,” adds Russell. “That’s the equivalent of building one of Boris Johnson’s Thames Estuary airports every twelve months. You can’t help but wonder how much of that could be saved if business owners took a few simple steps to transition to a 21st century system for authenticating users and protecting their corporate data.”

The Swivel authentication platform was first launched in 2003. It is now used by local government, the NHS, major global enterprises and smaller businesses in over 35 countries, to remotely access their business networks, virtual desktops and cloud-based applications. A strong alternative to usernames and passwords, the Swivel authentication platform offers the widest range of user deployment options according to Gartner, including mobile apps, SMS and interactive voice response channels.

The post Survey: UK Bosses Slacking on Hacking appeared first on Swivel Secure.

Info Security Products Guide, the industry’s leading information security research and advisory guide, has named Swivel Secure as a finalist for the 2013 Global Excellence Awards in the Authentication Solution (Multi, Single or Two-Factor) and Innovation in Cloud Security categories. These prestigious global awards recognize security and IT vendors with advanced, ground-breaking products and solutions that are helping set the bar higher for others in all areas of security and technologies.

Swivel’s multi-factor tokenless authentication solutions offers organisations the widest range of user deployment options. The Swivel solution provides 2FA via SMS, Mobile App and Telephony and strong authentication through browser authentication, which mean organisations can deploy strong authentication across VPN, Web applications, Cloud applications and desktop in-line with their security policies all from one platform and without the need for traditional physical tokens.

“We are delighted to be recognised as an industry player within the authentication market and cloud security arena, and for this to have been recognised by being named as a finalist by Info Security Products Guide,” says Chris Russell, VP Technology. “Swivel continues to stay customer focussed and we believe this recognition from Info Security Products Guide further validates our commitment to our customers and their security needs.”  

About Info Security Products Guide Awards

SVUS Awards organized by Silicon Valley Communications are conferred in four annual award programs: The Info Security’s Global Excellence Awards, The IT Industry’s Hot Companies and Best Products Awards, The Golden Bridge Business and Innovation Awards, and Consumer Products Guide’s Best Choice Awards. These premier awards honor organizations of all types and sizes from all over the world including people behind them, the products, performance, PR and marketing. To learn more, visit www.svusawards.com

The post Swivel Secure Named Finalist in Info Security Products Guide’s Global Excellence Awards appeared first on Swivel Secure.

One of the unique features of the Swivel solution is PINsafe, Swivel’s one-time-code (OTC) extraction protocol. Users combine their PIN with the 10 digit security string to extract their OTC, making is very difficult for anyone other than user to create the password.

In his review Peter says, “[Swivel ] allows for fully integrated strong authentication that is easy for users to engage, but hard for somebody to compromise. On top of being easy to use, this product offers many integration options that can meet the needs of almost any enterprise easily without too much management overhead.”

To read the full review, click here.

The post Swivel Secure receives 4.5 out of 5 from SC Magazine appeared first on Swivel Secure.

20^th November 2012, Wetherby, UK – Tokenless authentication provider Swivel Secure, has today announced the launch of its university licensing scheme, which enables universities in both the UK and North America to secure their network infrastructures at a fraction of the typical costs, regardless of whether their data is stored in the cloud or on a virtual private network.

Under the terms of the scheme, Swivel Secure channel partners are able to offer free licences for Swivel’s tokenless authentication platform to a university’s student population, when full licences are purchased for staff members. The scheme enables budget conscious universities to add an additional level of security to their network infrastructure without the need for extensive additional investment.

In both markets, data and network security is a growing concern amongst university IT administrators. Compliance with strict data protection regulations, together with increasing demands from students to access the campus network from a range of different devices and applications, is creating a complex environment that is putting pressure on existing access controls. Additionally, many campuses are also looking to realise the cost savings offered by migrating to a cloud-based infrastructure, which raises fresh concerns about authenticating off-premise users of the campus network.

“Cloud is already an attractive cost saving option for universities and Microsoft’s recent offer of free university licences for Office 365 will undoubtedly encourage more campuses to adopt the model,” comments Chris Russell, VP Engineering at Swivel Secure. “But universities should tread carefully. The ubiquitous reuse of username and password combinations is a real threat to cloud security. Often, all a hacker needs to do is to obtain and reuse a student’s login details for, say, Facebook, in order to gain unauthorised access to the campus network.

“Universities need to be implementing an authentication solution that requires an additional piece of information so if a user’s password is compromised the network remains protected.  Our new licensing scheme enables universities to secure their VPN or cloud-based infrastructures in this manner using the only tokenless authentication platform approved for the Microsoft Office 365 environment. Providing free licences to all students should put the technology within reach of most, if not all universities, even those working hard to contain additional costs.”

The Swivel authentication platform was first launched in 2003. It is now used by local government, the NHS, major global enterprises and hundreds of smaller businesses, in over 35 countries, to remotely access their business networks, virtual desktops and cloud-based applications. Offering the widest range of user deployment options according to Gartner, the Swivel authentication platform offers the choice of mobile apps, SMS and interactive voice response channels when full two-factor authentication is mandatory.

The post Swivel Secure Launches University Licensing Scheme in UK and North America appeared first on Swivel Secure.