Trusted Access helps you to stay safe and work remotely

Today’s hard situation forces us to work from home, but still we need to preserve the valuable asset – our data. We could help you set up secure remote working program.

We are offering the secure remote access as well as information centric endpoint protection portfolio for a year for free. Portfolio will include:

  • Continent 4 VPN client– Secure access to your internal applications and sensitive data
  • Secret Net Studio – Data protection and deep integrity control of remote endpoint

Contact us (sales@trustedaccesstech.com) and we will help you to set everything up quickly.

We care about your safety.

 

Trusted Access Technologies holds workshop on holistic cyber security approach during UAE Innovation month

Trusted Access Technologies participated in United Arab Emirates Innovation month 2020. The company’s workshop was held on 10 th of February in Sharjah in partnership with the University of Sharjah.

Anis Khasun, the Managing Director of Trusted Access Technologies, explained at the event the importance of holistic approach to cyber security.

“The main purpose of the workshop is to show how to ensure the security of the data by creating trusted platform inside the existing IT infrastructure and delivering security mechanisms on top of it”, he said.

During the event, Trusted Access Technologies also presented its main solutions that can help government entities and enterprises in protecting their IT infrastructure against the most sophisticated cyber threats.

The Sharjah leg of the programme was inaugurated by Shaikha Bodour Bint Sultan Al Qasimi, Chairperson, Sharjah Investment and Development Authority (Shurooq). The activities in Sharjah are being held under the patronage of Shaikh Sultan Bin Mohammad Bin Sultan Al Qasimi, Crown Prince and Deputy Ruler of Sharjah.

The week-long event in Sharjah, held at Sharjah Book Authority, features more than 80 Sharjah and UAE government organisations, universities, and local and international companies.

Trusted Access Technologies told about current trends in the information security and encryption field at the IBCAST conference in Pakistan

Trusted Access Technologies participated in the 17th international Conference on Applied Science and Technology (IBCAST), which was held in mid-January in Islamabad, Pakistan. The company’s experts told about the issues of digital sovereignty, UEFI security, encryption performance of wide-block and stream ciphers, and mechanisms for evaluating modern encryption algorithms, including GOST ciphers.
The IBCAST conference has been held since 2002 in the vicinity of Islamabad. To date, it has been attended by more than 12,000 scientists and engineers from foreign universities, as well as scientific organizations that have submitted about 2,750 scientific papers. This year, the conference was attended by representatives of government organizations such as the strategic planning Division (SPD Force) and the national engineering and scientific Commission (NESCOM).
Andrey Golov, General Director of Trusted Access Technologies, made a presentation on “Digital sovereignty: why it is important and how to achieve It”, in which he reviewed examples of using information technology as a pressure tool, and also proposed an approach to achieving digital sovereignty without completely rebuilding the IT infrastructure. In his second report, “UEFI security Review”, he analyzed the prerequisites for using UEFI by hackers, gave examples of malware that uses UEFI, and suggested a way to analyze UEFI vulnerabilities and deactivate Intel ME.
Alice Koreneva, Ph. D., head of the cryptographic analysis Department of Trusted Access Technologies, made a report on “Performance of encryption of wide-block and stream ciphers”, prepared in collaboration with the scientific consultant of Trusted Access Technologies, Ph. D., Professor Vladimir Fomichev. This report presented new cryptographic schemes-wide-block algorithms. They allow you to significantly improve the performance of encryption, while maintaining important cryptographic qualities. The second report was entitled “Mechanisms for evaluating block and stream ciphers, including GOST”. It discussed the main methods used to analyze modern encryption algorithms. Using the example of many years of research on GOST algorithms by cryptographers from all over the world, Alice Koreneva reviewed various evaluation techniques and presented the main results confirming the reliability and security of Russian Federation national ciphers.
“The Pakistani side has demonstrated a very high level of hospitality, and we are also pleasantly surprised by the expertise of our colleagues. I hope that this conference will be the first in a series of international events where we will show our expertise and lay the foundations for long – term cooperation with the countries of the Middle East and South Asia,” Andrey Golov sums up.
“We are very happy to respect the Russian school of information security and our country as a whole. Russia was the absolute leader in the number of invited reports in the Cyber Security and Assurance Technologies section. Our company received three honorary awards based on the results of the conference” – Alice Koreneva comments on her participation in IBCAST.

Trusted Access Technologies partners with ITRAMAS to bring new holistic approach to cybersecurity in Malaysia

Trusted Access Technologies signed strategic partnership agreement with ITRAMAS.

ITRAMAS, a Malaysian leading technology corporation, will take on Malaysian distribution for Trusted Access Technologies.

ITRAMAS Corporation was represented by CEO Mr. Lee Choo Boo, Head of R&D Dr. Lim Way Foong and Corporate Advisor Mr. Tengku Mahaleel.

“We are very pleased to announce our partnership with ITRAMAS, a corporation that has unique and leading position in Malaysian ICT market. Our cooperation will bring to the region new holistic approach to cybersecurity”, says Anis Khasun, managing director of Trusted Access Technologies.

“Our solutions will help Malaysian government entities and enterprises to protect themselves against sophisticated cyber threats, 0-day attacks, backdoor and supply chain attacks”, he added.

ITRAMAS is a leading Malaysian engineering company in the field of advanced technology. The corporation has extensive experience in implementing large-scale projects in the field of electronic production, cybersecurity and smart city. ITRAMAS cooperates with CyberSecurity Malaysia to ensure the state’s digital independence and cyber sovereignty.

Trusted Access Technologies, formerly Security Code included in “Market Guide for Cloud Workload Protection Platforms” by Gartner

Gartner released a “Market Guide for Cloud Workload Protection Platforms” in the April of 2019. Trusted Access Technologies, formerly Security Code was again mentioned as a representative vendor of security solutions mentioned in the report.

According to Gartner “At YE18, we estimated that the CWPP market was in the range of $600 million to $700 million in revenue with aggregate double-digit year-over-year growth.” (Market Guide for Cloud Workload Protection Platforms, 8 April 2019, ID: G00356240 Page 4).

The analytical company highlights the following trends that have influenced the growth of the market:

  • Workloads are being moved from on-premises to public cloud IaaS, and the overall number of IaaS workloads is growing.
  • In public cloud IaaS, workload-centric host-based CWPP solutions provide an easier architectural option for enforcing security policy than traditional in-line network-based security controls. Workload-based offerings automatically scale out and back as the number of workloads increases and decreases.
  • Likewise, the need for pervasive Secure Sockets Layer/Transport Layer Security (SSL/TLS) decryption and inspection is performed more easily at the host workload where the session is terminated versus having to decrypt traffic in line using “man-in-the-middle” approaches. This is especially true for inspecting traffic that moves laterally east/west from service to service in microservices-based architectures.

The shift to cloud-native application development using container-based application architectures, microservices-based applications and adoption of serverless PaaS will require new CWPP capabilities both in development and at runtime. Cloud-native apps require solutions designed to address the protection requirements of cloud-based systems. (Market Guide for Cloud Workload Protection Platforms, 8 April 2019, ID: G00356240 Page 4)

There are two distinct markets – for agents who are put on servers and protect them (Cloud Workload Protection Platforms (CWPP)) and the adjacent Cloud Security Posture Management (CSPM) market, which is important for the full implementation of a secure cloud.

In this way, CWPP solutions protect servers from within, while CSPM solutions exercise external control over server machines in the cloud.

Source: Gartner, Market Guide for Cloud Workload Protection Platforms, 8 April 2019

The security code’s vGate product can provide CSPMsecurity: delineation of access to virtual machines, network configuration, storage configuration, access rights management virtual environment administrator. As a result, the solution significantly reduces the risks of IB in large virtualization environments.

Together with the Secret Net Studio product, which protects every single virtual machine and falls into the CWPP solution category, they are a holistic solution for the protection of virtual and physical servers. Secret Net Studio is a comprehensive solution to protect workstations and servers at the level of data, applications, network, operating system and peripheral hardware.

Recall that the basis of the platform for server protection is a set of mechanisms, which we talked about last time: the basis is operational hygiene – a set of basic measures that significantly reduce the risks ofIB. configuration and vulnerability management, network traffic filtering, system integrity control, app start-up control, RAM protection, data encryption in IaaS environment, EDR server activity monitoring, system intrusion detection, false vulnerability detection system, signature antivirus.

“We are grateful to Gartner for including us as a representative vendor for the second year in a row. We believe this indicates a continuing high level of confidence of independent analysts in our products and is especially relevant, given our serious actions to enter the international market,” said Andrei Golov, CEO of Security Code.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartners research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Find out more

The Security Code is a Russian developer of software and hardware that protects information systems and meets international and industry standards. nine licenses of fsTEK of Russia, the Fsb of Russia and the Ministry of Defense of the Russian Federation. More than 60 valid certificates issued by these authorities confirm the high quality of products and allow them to be used in information systems with the most stringent security requirements. The company’s products are used to protect confidential information, trade secrets, personal data and information that constitutes state secrets.

There are currently more than 400 qualified professionals in the Security Code, many of whom have unique expertise in the development of IB solutions. More than 900 authorized partners of the company supply its products and provide their quality support in all regions of Russia and CIS countries. More than 32,000 government and commercial organizations trust and use Security Code products to protect workstations, servers, virtual infrastructures, mobile devices, and network interactions across all information components Systems.

vGate is an information protection tool designed to ensure the security of virtual infrastructures based on VMware vSphere and Microsoft Hyper-V platforms, as well as the critical task of bringing virtualization infrastructure into line legislation, industry standards and the world’s best practices.

Secret Net Studio is a comprehensive solution for protecting workstations and servers that protects information simultaneously at the data, application, network, operating system, and peripheral equipment level, and enables you to implement centralized management and monitoring of all security mechanisms with the ability to collect, correlate, filter and prioritize information security events. The product is available in two editions: Secret Net Studio – to protect sensitive information and Secret Net Studio – C – to protect state secrets.

Trusted Access exhibited at GITEX Technology Week in Dubai

Trusted Access took part in GITEX Technology Week 2018, international IT exhibition, which took place in Dubai (UAE) from 14 to 18 October 2018. This ICT and electronics market event is the biggest and the most significant one for the Persian Gulf countries. The exhibition attracted attention of more than 150 thousands visitors and more than 4,5 thousands of companies participated this year.

Continue reading “Trusted Access exhibited at GITEX Technology Week in Dubai”

“Security Code” is recognized as a Representative Vendor in Gartner Market Guide for Information-Centric Endpoint and Mobile Protection

Research and consulting company Gartner has released its October 2018 report “Market Guide for Information-Centric Endpoint and Mobile Protection”. The “Security Code” was included in the Representative Vendors list.  Our solutions are designed to satisfy requirements listed in the report.

According to Gartner, “Data losses are at an all-time high, and data breaches — both criminal actions and careless accidents — must be prevented by any and all means…  Security and risk management leaders who grapple with endpoint security challenges must accept that astute information protection requires a blending of several methods…  The interconnected world and its increasingly pervasive data-sharing demands will soon force companies to put the solutions together to resolve different aspects of loss.” (Gartner, Market Guide for Information-Centric Endpoint and Mobile Protection, October 15, 2018)

Gartner identifies eight ways to encrypt and protect business information:

  1. Preboot OS-level encryption of physical or virtual device
  2. Postboot OS file system encryption
  3. Container encryption
  4. Removable media encryption
  5. Data loss prevention controls (DLP)
  6. Content collaboration platforms (CCPs)
  7. Secure PIM
  8. Enterprise digital rights management

Vendors are expanding their products to more completely address these capabilities and reduce information loss and endpoint security risks.

Gartner, Market Guide for Information-Centric Endpoint and Mobile Protection, October 15, 2018

Systems can be protected by Secret Net Studio for Data – information-centric endpoint protection solution. It allows to control sensitive data handling, block access to confidential files, prevent unauthorized printing and moving to the USB-device.

Secret Net Studio offers three protection methods: Container, Data loss prevention controls (DLP) and Enterprise digital rights management.

Gartner defines these methods are described in the following way:

  • “Container – files are unreadable without successful login to a protected virtual file system. App access to container and import/export of files may be controlled. Some containers may include DLP features. This method is suitable for shared systems and multiple users. Defense value: Information protection is independent of OS and disk protection, and can be highly portable. Containers can be context-dedicated to specific business processes or act as a broad workspace.
  • Data loss prevention controls (DLP) – file transfers can be blocked or processed with encryption based on keywords, user, project and other contexts. This method is suited to context-dependent data protection. Defense value: Data transfer events can be identified and evaluated using business rules and policies.
  • Enterprise digital rights management – this method is suited to platform-independent, context-dependent data protection. Files are imbued with persistent protection policies when created, read and updated. The policies can specify access by company, user, project and other details. EDRM can also stipulate limitations on app behavior, such as blocking “save as,” clipboard copying, printing and so on. Defense value: EDRM creates the tightest possible access control relationships between files and apps. Policies can be detailed, and access can be tracked.” (Gartner, Market Guide for Information-Centric Endpoint and Mobile Protection, October 15, 2018)

“We are doing our first steps in the international market so far. And we have to fill our solution with new features and methods of data protection. But we are pleased to know that our current solution that was developed for Russian companies is partially compliant with market demands. It means that the main vectors of data protection are approximately the same in different countries. So far, we are going to develop our solution taking in consideration all the methods of data protection that are required by international market”, – says Dmitry Zryachikh, CTO “Security Code”*.

* About “Security Code” and Trusted Access

Trusted Access is a foreign division of “Security Code”. We have unique security solutions successfully used by more than 32 000 organizations to address any information security issues on workstations, servers, virtual infrastructure and networks. Our products and solutions protect the most critical IT systems.

Company has technical partnerships with Microsoft, VMware, Kaspersky lab, Intel.

Gartner Disclaimer

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About “Security Code”

“Security Code” has unique security solutions successfully used by more than 32 000 organizations to address any information security issues on workstations, servers, virtual infrastructure and networks. Our products and solutions protect the most critical IT systems.

Company has technical partnerships with Microsoft, VMware, Kaspersky lab, Intel.

Trusted Access will be exhibiting at GITEX Technology Week in Dubai

Trusted Access, the leading provider in IT infrastructure security solutions, will be exhibiting at GITEX Technology Week in Dubai, 14-18 October 2018. Company stand is SR-B6.

GITEX Technology Week 2018 is the 38th international IT-exhibition in Persian Gulf. It is the largest and most authoritative exhibition of the latest achievements in the field of information and communication technologies and electronics. There are expected more than 150 000 visitors and more than 4500 companies to exhibit this year.

Trusted Access will be introducing its three products:

  • vGate – Private cloud security posture management solution. It allows to enhance cloud security and ensure compliance with security regulations beyond virtual machines.
  • Secret Net Studio Trusted Environment – Unique pre-OS endpoint security solution. It gives company a way to externally control consistency of standard endpoint protection mechanisms. It cannot be detected and deactivated remotely.
  • Secret Net Studio for Data – Information-centric endpoint protection solution. It allows to control sensitive data handling, prevent data leakage and streamline incident investigation process.

“This year will be the second time that we are exhibiting at GITEX. We’ve got a lot of benefits from our first participating in GITEX in 2017. Trusted Access products are represented at the local market for more than a year and they have big success. That is because we offer our customers not just an abstract concept; and not just technology: we bring to the local market the product, which has a long history — dozens of years. Our information security tools are easily deployed and simple to operate. That is why we are exhibiting at GITEX – we want to share information and spread our technologies to the Middle East and Africa regions. Our exclusive distributor in the region is Al Hosani Computer LLC  –  company’s specialists know the market well and are ready to help us with any localization requirements and issues”, – says Andrey Golov, CEO at Trusted Access.

Additional information:

Trusted Access by Security code has unique security solutions successfully used by more than 32 000 organizations to address any information security issues on workstations, servers, virtual infrastructure and networks. Our products and solutions protect the most critical IT systems.

Company has technical partnerships with Microsoft, VMware, Kaspersky lab, Intel.

Security code mentioned in Gartner’s Market Guide for Cloud Workload Protection Platforms.

“Security Code” is included as a Representative Vendor in Gartner Market Guide for Cloud Workload Protection Platforms

Research and consulting company Gartner has released its March 2018 report “Market Guide for Cloud Workload Protection Platforms”. “Security Code” was included in the list of the Representative Vendors that offer solutions designed to satisfy one or more of the requirements in the report. The company is the only Russian vendor noted in the report.

According to the report, “Gartner has not yet formally sized the CWPP market, but we estimate it to be between $550 million and $600 million at YE17, and it is growing in double digits.”

The development of the server security market and its dynamics are influenced by several key factors and main are:

  • Servers require fundamentally different security measures, while a different approach to security is needed in public clouds.
  • Target attacks bypass traditional perimeter protection and signature-based protection. The need to protect against this type of attack has led to several key changes in server security systems:
    • There are protection models that do not rely on signatures.
    • There was a need for isolation, segmentation and transparency of network traffic.
    • Additional behavioral monitoring is required.

The figure below shows recommended order of prioritizing cloud workload protection controls: from the more critical (foundational) elements in the lower part of the pyramid to the less critical ones at the top.

Source: Gartner,     Market Guide for Cloud Workload Protection Platforms, 26 March 2018

The base is operational hygiene, next in ascending order are: hardening, configuration and vulnerability management, network firewalling, segmentation and visibility. At the same time, companies themselves can assess the importance of these measures in different ways depending on specific risk profiles, regulatory requirements or geographical factors.

In Security Code’s product line, there are two solutions that we believe will allow implementation the principles that Gartner analysts write about.

The protection of the system can be realized with the help of Secret Net Studio – an integrated solution for protecting workstations and servers at the level of data, applications, network, operating system and peripheral equipment.

This solution allows you to manage security to protect a hybrid cloud server in the following areas:

  • network firewall, segmentation and visibility;
  • File integrity control;
  • application control / white list;
  • protection against exploits / memory protection;
  • Intrusion prevention system with protection from vulnerabilities;

However, when migrating to a virtualized infrastructure while providing complete protection, it is necessary not only to protect the virtualized server, but also to control the security of the cloud environment or the virtualization environment. It’s about the set of services that are required to manage and configure virtual machines. For example, access control, network settings, storage settings, and settings for PaaS services. In large cloud environments, the correct configuration of these services can be complex, which will create additional risks for the security of virtual machines and information on them.

The vGate product ensures the security of the virtualized environment. It allows the demarcation access to virtual machines, monitor the activity of virtual environment administrators and security settings of the hypervisor. As a result, the solution significantly reduces the risks of IS in large virtualization environments.

“We are grateful to Gartner for including us in the Market Guide report. We believe this allows us to assess the level of demand for all the lines of our products in new market segments for us and think it contributes to strengthening our own analytical expertise. We feel the inclusion of Security Code as a Representative Vendor for its products we feel indicates a high level of trust. In our opinion, this is especially true, given our serious actions to enter the international market. The development of the company’s business in foreign markets we feel should be successful due to the products we offer,” –  said Andrei Golov, CEO of the Security Code.

Gartner Disclaimer

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Trusted Access exhibited at GITEX Technology Week in Dubai

Trusted Access took part in GITEX Technology Week 2018, international IT exhibition, which took place in Dubai (UAE) from 14 to 18 October 2018. This ICT and electronics market event is the biggest and the most significant one for the Persian Gulf countries. The exhibition attracted attention of more than 150 thousands visitors and more than 4,5 thousands of companies participated this year.

Trusted Access introduced export products at GITEX Technology Week: Secret Net Studio and vGate were presented on the company’s stand. Trusted Access experts mentioned company products advantages and information security practice of governmental and commercial organizations.

Due to GDPR which has been applied in May 2018 and expected local personal data protection requirements in the Persian Gulf countries, organizations of the commercial and governmental sector are looking for an appropriate level of protection of personal data operated in information systems. Products of the Trusted Access company absolutely satisfy these challenges.

Visitors of the exhibition were interested in information security technologies development. Trusted Access» stand allowed them to familiarize with new approaches of infrastructure and data security. A special interest of visitors was caused by the fact that Trusted Access products were able to create a trusted environment of the confidential data processing, protect data stored in the virtualization infrastructure and differentiate users’ access to these files.

Trusted Access representatives participated in a row of business meetings and as a result approved pilot projects in UAE, Oman and Pakistan.

Company CEO Andrey Golov and technical director Dmitry Zryachikh took part in press conference, after which «60 mins» magazine published their interview.

«Our products have been introduced on the middle-east market more than a year ago and are in demand. We give our clients not just an abstract conception or technology, but ready-to-use products for the local market. Our information security appliances are easy to install and simple to use. Interest in them was an inherent condition of positive agreements of pilot projects in the Middle East region. We decided to set up an office in Dubai in order to realize these projects in the most accurate way», commented the results of GITEX Technology Week 2018 Andrey Golov, CEO Trusted Access