Expisoft Secure Access product portfolio
Expisoft Secure Access portfolio consists of various types of security modules and products, ranging from personal firewalls and VPN clients, local and network log-in functionality, single sign-on features, encrypted local and cloud disks, issuing of certificate for identification of users and permissions etc.
All modules use advanced symmetrical and asymmetrical cryptographic methods to ensure that no unauthorized users can log into mission critical systems or access enterprise sensitive information without access to a legitimate smart card or a mobile ID installed in their smartphone and a correct role.
The Product Portfolio complies with all Scandinavian and European security standards in IT security and it also complies with the recommendations of the Department of Health and Human Services, H.I.P.A.A, and 24-hour authority requirements for e-commerce and the protection of confidential information.
All security products and modules in the Expisoft Secure Access product portfolio use strong authentication for validating users and IT systems / applications, which provides a significantly higher level of security than traditional passwords.
Expisoft Secure Access product portfolio contains the ExpiLogon SSO module that offers the organization and user:
- A common login to reach all applications that the user is authorised to use and where a traditional password is replaced with strong authentication technology using a smart card or smartphone and with a mobile ID installed
- Single Sign-On functionality to the organisation's servers, network and applications, ie, the user does not need to make multiple logins
- Eligibility and access control of all users when they login to the organisation's IT resources, ie servers, network and applications
Expisoft Secure Access product portfolio includes a software client called ExpiClient, which installed on a PC or Mac, offers the following functionality:
- Secure logins into users' computers and further into the network using a smart card or smart phone with a Mobile ID, ie strong authentication of the user
- Automatically and transparently encrypt the user's local hard disks
- Control the user's access to encrypted archives and disks in the network
- Encrypt the communication to and from the user's computer using a built-in VPN client and personal firewall
Expisoft Secure Access product family also contains an ExpiGuard module that can:
- Be installed directly on the target system that should be protected or on a so-called network appliance that is placed in front of one or more target systems that should be protected
- Stop traffic over unauthorised ports as well as prevent SQL injection, XSS and XSRF attacks
- Filter, check and encrypt traffic sent over authorised ports
- As application firewalls, whitelist and/or blacklist items, forms, etc. as well as look for specific URLs to block or pass through
- Permission and access control of users who try to reach the companies network resources and business applications
Expisoft Secure Access product portfolio also includes a complete CA system, SecureAccess Certificate Manager, with functionality to
- Issue certificates and e-credentials for identification and authorisation of the company's users
- Handling various PIN / password policies, smart cards, card templates, administrator and user groups
- Control users' access and logon rights to the organisation's servers, applications, encrypted cloud disks via a role-based security administration
- Allow the company's users to perform self-administration. Users can easily retrieve and renew their own credentials, certificates, block a lost card/certificate, remote unlocking of smart cards etc
- Automatically distribute all necessary security configurations (roles, permissions, etc.) to client and agent features installed on the target systems that are to be protected or the network appliance that are placed in front of the target systems
- Logging/reporting of events for issued and blocked certificates, add/remove users, smart cards, etc.
In summary, Expisoft Secure Access product portfolio provides the organisation and their users with a greater security and simplicity all at the same time:
Expisoft Secure Access also simplifies the IT department's work with users that have forgotten their passwords. A large part of most companies IT support is about helping users who forgot or lost their password.
Using a security solution based on two-factor authentication where the user only has to remember a PIN code, the company can save many hours of work and unnecessary costs while increasing the security level of the business at the same time.
With ExpiClient and Single-Sign-On, the user's life is greatly simplified since he/she only has to remember one PIN to log in to all systems and applications for which he is authorised.
Thus the user avoids using different passwords for different systems and applications and moreover, avoids replacing these passwords at regular intervals. The security solution will do this exchanges of passwords automatically for the user in the background.
Expisoft Secure Access has an easy-to-use security administration that provides a simple overview of the permissions assigned to the organisation's users, i.e. which systems and applications the user has accessed to.
If or when a user changes a task or ends his/her employment, roles and permissions assigned to that user can easily be retracted.
Expisoft Secure Access raises the organisation's security overall level since the users no longer need to use long and complicated passwords and change them at a regular basis.
Bad security behaviors with users choosing weak passwords or writing down difficult password on post-it notes that are kept near the workplace, such as under the desktop or stuck directly on the screen are easily avoided.