Ohanae Goes to College

The Whitehat Society, a special interest group dedicated to issues around cyber security at Singapore Management University, recently organized an Ohanae use case competition. Participation was fantastic, with numerous innovative entries submitted for the “Trust No One” essay competition. Lim Yi Shen and Lim Jun Yan claimed the top awards – each winning a Microsoft Surface 2, complete with a sleek keyboard and sleeve.

Meet the Winners

“I am a freelance designer and am working on various Kickstarter projects. Ohanae helps me in my work with its device-centric combined solution for both login and data protection that helps my team collaborate better. With Ohanae, I can conveniently keep using the wide range of cloud service providers, like Dropbox, Google Drive, OneDrive, and Box, without the fear of having my credentials, and hence data, compromised by malicious users. Ohanae also helps me protect my intellectual property rights against plagiarism by maintaining control of my files with information segregation done as simply as clicking to encrypt and decrypt.” – Lim Yi Sheng

Read Yi Shen’s full entry here

“As a student, I use multiple devices like phone, laptop and tablet, and need to manage numerous accounts. Ohanae keeps my data out of reach from anybody but me, allowing me to fully utilize the convenience and flexibility of popular cloud service providers for personal and work-related storage. I realized Ohanae Cloud Privacy Protection’s simplicity and comprehensive coverage of local and cloud storage, on all major OSes during my internship in a large scale company, as it struggled to protect its private corporate information. Indeed, in a world when you can trust no one, a thoughtful all-rounded defence by Ohanae is your best bet.” – Lim Jun Yan

Read Jun Yan’s full entry here
 

Proactive BYOD

Throughout history, there are many examples of events that led to calamities. In hindsight, it’s often painfully obvious that they could have been predicted and prevented by proactive efforts. Bring-Your-Own-Device, often referred to by security officers as “bring your own disaster”, represents just such a sea change for enterprises. A new article in NetworkWorld discusses several surveys that show that BYOD is continuing unabated, and often, unapproved devices or apps are being actively hidden from hostile enterprise IT departments.

Organizational reaction to BYOD typically falls into one of three categories.

In some organizations, IT has mandated that there is no use of bring-your-own-devices or apps. In a very small number — for instance, military or government intelligence agencies — the organization has the ability to completely control all incoming and outgoing network access, and to enforce physical access to facilities by unauthorized devices, and the mandate works. For the vast majority of mandated companies, controls are company policies, and enforcement is by individual compliance. The Trackvia study finds that non-compliance with company guidelines is a significant problem, with almost 70% of younger workers admitting to doing so.

In other organizations, IT has recognized that mobile devices and apps are required to achieve peak employee performance, but have certified and approved specific devices and tools. TrackVia’s study finds this hasn’t worked either, with from 30 to 50% of specific employee age groups reporting they picked other devices or apps because the ones IT chose did not meet their needs.

CIOs in the last category understand that BYOD and BYOA use within their organization is inevitable, but struggle with the other harsh reality that by-and-large, employees just don’t care about security.

Clearly, employees drive organizations towards the third alternative, and organizational attempts to drive towards the first impact employee productivity and efficiency, and consume valuable IT funding and personnel resources.

Ohanae offers CIOs a better way to embrace the second and third choices. Ohanae’s Cloud Privacy Protection software suite allows enterprises to certify and support some third party applications and devices, or to be completely agnostic to apps and devices, against a secure backdrop. Ohanae software ensures that files are encrypted on devices and in the cloud, alleviating worries about data exposure on devices which are not certified, supported, or under management by an organization. Ohanae’s credential management system ensures that cloud based storage (and other cloud based apps) are accessed using secure, complex passwords that prevent account compromise and related data exposure. Ohanae’s secure file sharing allows users to collaboratively exchange data with industrial strength access mechanisms.

Ohanae Cloud Privacy Protection provides a safe environment for corporate data and credentials, and allows IT the time, freedom and safety to make the right choices for BYOD and BYOA that will keep IT users happy, productive and secure.

For more information, please see our videos: Cloud Compliance for Business and Cloud Compliance Policy.

Unique Passwords for Internet Accounts

With the widely publicized compromise of 1.2 billion user accounts from almost a half a million different websites, one very popular question is what can the average internet user do to protect themselves.

The common recommendations are straightforward:

• Use long, strong, and complex passwords
• Use different passwords for every website
• Change your passwords often, at least every six months
• Avoid storing sensitive information (passwords, social security numbers, or other identity information) online

These are the same, proactive recommendations that have been made for several years in response to password and credential breaches. However, historically users have been lax. For instance, among users directly affected by a large password attack, one survey found more than 1/3 of those users did not change their password at all. In 2013, the passwords “123456”, “12345678”, “password”, “qwerty”, and “abc123” continued to be the five most common passwords, just as they were in 2012 (see 2013's report here), even after many large, significant, and well publicized password thefts.

The challenge for users continues to be that secure practices are difficult to do, impact their productivity, and make useful resources harder to access anytime, anywhere. Users continue to make the tradeoff towards speed, productivity, ease of use, and universality — even as the risks and costs dramatically increase.

Ohanae believes that total cloud privacy protection is the solution to this epidemic. Although traditional password management is part of cloud privacy protection, it is not enough alone. Cloud privacy protection must include security of the password manager, so that it does not become a single point of failure, where all passwords can be compromised through it. Cloud privacy protection must include authentication that goes beyond a simple password, preferably by using multi-factor authentication to safeguard access to website credentials.Cloud privacy protection must safeguard data as well as credentials — enabling storage of sensitive, identity related data without risk of trickle-down account compromises if that data is accessed without authorization.

The Ohanae suite for Cloud Privacy Protection implements a password management function called Ohanae 1-Tap. Ohanae 1-Tap does not store passwords anywhere (on your device, on Ohanae’s servers, or in the cloud). Passwords are generated dynamically only when they are used, and generated by two factor authentication based on device and passphrase.

Ohanae’s Cloud Privacy Protection encrypts files stored in cloud storage providers — at creation on your device, during transmission across the Internet, and once stored in the cloud storage provider. The data is protected by strong, multi-factor authentication to dynamically generate decryption keys only on use — industrial strength technology to keep sensitive information in your files from the prying eyes of cyber criminals.

Finally, Ohanae knows that users have the need to securely share data with other collaborators, and supports secure transmission and use.

With Ohanae, it’s easy to establish unique, strong, lengthy passwords for every website, change them as often as you’d like, and have those passwords available on every device you use — whether desktop, laptop, or mobile. You can feel secure storing sensitive files online, and sharing them with others. And, in the unlikely event of a compromise, you have the confidence that the breach is limited — to just a single website, or a single cloud storage provider.

We can defeat the cybercriminals of the world and make epic password theft a news story of the past, and complete Cloud Privacy Protection is the way to do it! To get started, download Ohanae from http://www.ohanae.com today!