Rationale Information Technologies | Rationale Security
20484
page-template,page-template-full_width,page-template-full_width-php,page,page-id-20484,page-child,parent-pageid-18169,ajax_fade,page_not_loaded,,qode-title-hidden,side_area_uncovered_from_content,qode-content-sidebar-responsive,qode-theme-ver-10.1.2,wpb-js-composer js-comp-ver-5.0.1,vc_responsive

Security

Universal Authenticator

Security

When Security Meet Agile

Adapt security approach
Look to micro segmentation software that is adaptive and intelligent, to replace manual management of firewall rules and policy. Decouple security from the infrastructure to gain a continuous enforcement pipeline that adapts to new hardware, with strong versioning that proceeds in lockstep with product releases, monitoring and infrastructure configuration.

 

Secure organization data
For data at rest, data in motion and data in transit, everything should be encrypted, everywhere. Automation and the right secrets-management infrastructure can enable frequent rotating of SSL certs and keys. Every time you commit to the code base, run a set of very basic security tests via your favorite continuous integration tool. Use automated tests to ensure common security mistakes don’t leak to production.

 

Be Proactive
Perform red team exercises as an attempt to gain access to a system by any means necessary. Try to mimic the same processes that a motivated attacker would follow to map out an organization’s infrastructure, perform reconnaissance at key physical installations, and then test the physical, cyber and social defenses all at once through a staged exercise.

 

Change is constant, but knowledge with control is key to reducing the risks it poses.

OUR SECURITY PROJECTS

Value of Agile Security

Universal Authenticator

 

This was the prototype of Mobile Universal Authenticator. The goal was to enable passwordless phone authentication for Windows Desktop and one custom system but with possibility of extension. User was able to grant access to belonging Windows Desktop machine and selected system via mobile only and without providing username/password credentials.

 

Project was implemented on Apple (iOS) iPhone devices. Whole solution was based on FIDO Specification including latest cryptography technics (SHA512 Hash Algorithm).

Corporate GIS Punch In

 

Project was to implement secure and extendable capability of employee punch in. Application was detecting when employee enter the Company parking area and provide them with capability to perform remote punch in.

 

Project was implemented on Apple (iOS) iPhone devices and as technology we have been using Google Maps and latest cryptography technics (SHA512 Hash Algorithm).