If we don't use digital services 24 hours a day, why do we give attackers the possibility to try to access them whenever they want?
Today Telefónica Digital introduced a new line of proprietary products to protect the security of its users and companies on the internet and supplement its offerings in this area.
We use online services and our multiple online identities every day – accessing email and social networks, making online purchases or using online banking, and these are the habits that increase the need to strengthen security against possible attacks. But if we don’t use digital services 24 hours a day, why do we give attackers the chance to access them whenever they want?
This is the question that is answered by Eleven Paths. This Telefónica Digital company, headed by Chema Alonso, has developed Latch, a service that allows users to create an additional layer of security using a simple smartphone application.
According to Eleven Paths in case of an attack, it’s hard to prevent the theft of authentication data, but it’s possible to reduce the exposure time by “turning off” online services when we are not using them, and “turning them on” when we want them. Users can even decide which actions can be done through services. This means that Latch puts control of user identities back into the hands of the users and strengthens authentication management, while at the same time improving the security of the service providers.
So, if an attacker uses a username and password that has been stolen, or a credit card or other system of authentication, it will be impossible for them to use this information to impersonate the user outside of a specified time interval.
The service is available for iOS, Android and Windows Phone. To register as a user, just visit Latch.Elevenpaths.com and download the application. Latch is operating internationally and is already integrated into several services of the Telefónica Group and the Acens control panel. Telefónica is currently negotiating with various global digital service providers to integrate Latch into their systems.
Cybersecurity intelligence 24 hours a day
As part of its cybersecurity services, Telefónica has also introduced Digital Surveillance, which is designed to help companies protect themselves against cyberattacks that may be aimed at them. This is a detection and analysis service, whose main advantage lies in digital intelligence, provided by a team of experts in hacking, fraud, criminology and online communities. The service focuses on two main areas:
Reputation and protection of brands against unauthorised use, domain hijacking, offensive content, counterfeiting and abuse of digital identities.
Business disruptions as a result of information leaks, activism, hacktivism on the internet, DDoS attacks, violation of security mechanisms and theft of credentials.
The service is supplemented by a Fraud-Prevention Service that detects and mitigates phishing, pharming, malware, carding and mobile malware attacks.
In addition to the resources in its Security Operations Centres, Telefónica offers an additional advantage: management of a global telecommunications network. This allows companies to identify threats to their own networks such as DDoS attacks or blocking traffic from phishing sites. The service is already available for companies in Spain and will be extended to other Telefónica markets in the coming months.
Faast and the Metashield® Protector product line
Telefónica’s service offerings are supplemented with two new products developed by Eleven Paths: Faast and Metashield® Protector. The first is a pentesting (penetration testing) system that helps companies detect security breaches from the point of view of an attacker.
And Metashield® Protector, which offers a set of security solutions that allow organizations to eliminate the metadata associated with documents in different environments to prevent sensitive information from leaking.
With this new offering, Telefónica’s services cover the entire cybersecurity cycle of its customers, focusing on prevention (Metashield®), detection (Digital Surveillance and vulnerability management) and response (Fraud Prevention and AntiDDos).