I originally needed a solution for myself. - Kelly Sparks, aPersona Founder
RALEIGH, NC (PRWEB) March 26, 2015
Large scale breaches of personal information held by corporations continue to escalate at a staggering rate. Because people often use the same passwords across multiple sites and services, most user names and passwords have likely already been compromised. In about 75% of data breaches, thieves simply exploit stolen credentials. That’s right, three fourths of these criminals simply walk right in through the front door. aPersona, a Raleigh, North Carolina start-up, is out to change that by making those stolen credentials useless to anyone but authorized users with the launch of their Adaptive Security Manager.
While the cost of U.S. consumer cyber-attacks totaled $38 billion in 2013, according to the 2013 Norton Cybercrime Report published by ZDNet and USA Today, there are still two barriers preventing most organizations from implementing protection on customer logins: convenience & cost. Much research has been done on what creates a pleasant customer engagement with web applications and mobile apps. Ease of login is always near the top. Customers expect protection, but they don’t want to be bothered with extra steps during login or when completing transactions in the application. That requires software that is intelligent. Which takes us to cost. Historically solutions with intelligence are too expensive to scale to very large user groups. That is where aPersona saw an opportunity.
“I originally needed a solution for myself,” said Kelly Sparks, CEO of aPersona. “I was on the management team of a sizable cloud services provider and simply could not find an ideal solution to protect logins. Every solution I looked at either had no intelligence or was priced in a way that would not scale.”
aPersona’s transparent system runs an invisible validation against behavioral factors and digital fingerprints with each transaction. It also has a learning mode in which it is simply learning a user’s normal interaction with the protected application. If the system determines something is out of the ordinary, it will prompt for additional verification. If the user successfully provides the verification, the user’s profile is updated so that the system recognizes the behavior as normal the next time.
aPersona also realized that all transaction risk is not created equal. There may be one risk level associated with a user logging into an application, and different risks for post login transactions. aPersona enables any number of transaction risk profiles to be created and utilized by any transaction for any user within any application.
aPersona also covers back-end access and reporting. Real time monitoring allows teams to stay on top of threats as soon as they happen. If the aPersona solution had been in place with the most recent Anthem breach, the stolen credentials would have been useless and the IT team would have been notified that an unauthorized party was attempting to use them. The tool also gathers risk analytic data for all transactions. This allows the creation of risk analytics, which can be used for compliance reporting.
As cyber attacks continue to morph and present new risks, aPersona can adapt to these scenarios as well. By mining the enormous amount of behavior activity surrounding the Internet, aPersona is built for the future by allowing new factors to become part of any transaction. The ability to quickly adapt new controls will keeps threats from gaining an advantage in accessing this valuable information.
aPersona seem to have struck a chord with their product. They are already in testing with a very large financial services firm in the US with several others to begin testing soon. They are also planning to release an appliance version designed to address the security needs of small to medium-sized businesses.
“While no company is immune to attack,” said Sparks, “deploying aPersona’s cost-effective, user-friendly tools dramatically reduces the potential for the most common method of breach.”