Product 

 Applications 

 News 

 Support 

 Partners 

 About Us 

MatchLogon Passwords + Humans = Security problems

Office solutions
Retail and Manufacturing
Auditing and Administration
SAP R/3 improved logon
Integration with physical access control systems

Auditing and Administration

It is well know that "insider attacks" can be the biggest threat to security. According to many security specialists, about 80% of all cases of unauthorized access within a company intranet is carried out by an "insider" - an employee who has been granted the appropriate access rights. The problems occur in many organizations; even when adequate data protection and security services have been implemented. The security infrastructure may be designed to provide the level of protection you want, yet it must be controlled by administrators, who must be granted certain privileged rights. Without adequate auditing capabilities this may lead to serious security breaches.

To counteract these potential problems, MatchLogon's Audit Services provide unprecedented data protection levels that are independent of the rights of administrators and individual users. Audit Services eliminate the possibility of privileged employees or violators covering their traces of accessing and/or modifying protected data or by-passing the security system. The following are some specific aspects of a MatcHLogon security system that enable such auditing measures:

  • Secure ID cards and the use of biometrics to authenticate users make it very difficult for users to perform actions anonymously or impersonate another user. It's also very hard to forge or get into possession of another user's ID-token or biometrics.
  • All security events throughout the system (logons, account and credentials modifications, security policies changes, etc) are logged into several journaling servers simultaneously and independently. Physical and logical access to such servers is usually restricted to a special group of people - auditors. Auditors are independent of administrators or other privileged users.
  • MatchLogon journaling services will uncover any malicious attempts to break into the system even if the attacker tries to cover-up or undo the changes. It doesn't matter whether the attacker is a regular user, privileged user or an Enterprise Administrator - all security events are logged on journal servers.

Product | Applications | News | Support | Partners | About Us
© 2006, MatchLogon. All rights reserved.