Access Segmentation and Encryption Management (ASEM) is a new security model being announced today, that offers organisations the highest available level of protection against cyberattacks by addressing 95% of cybersecurity breaches, while reducing costs and significantly improving cyber resilience.
It is widely recognised that human factor is the leading cause of security incidents today, with a recent World Economic Forum study attributing 95% of all breaches to human error. ASEM is a revolutionary new security model that tackles this threat. It solves the problem at the source, which is employees holding, making, and storing their work passwords.
When organisations allow employees to make their own passwords at work, they have no visibility into how strong they are, or whether they have already been compromised. This also makes employees the number one phishing target for criminals looking to steal their login credentials.
ASEM solves this problem by removing passwords from the control of employees and putting them back under the control of the enterprise. Using a console, passwords are generated according to specific policies for each system and distributed encrypted to employees. Since no one sees the passwords, employees can’t lose them or accidentally hand them over in phishing scams.
As strong random encrypted passwords are applied to each system individually across the entire enterprise network, even if attackers infiltrate the network via a third-party supply-chain attack, they are contained within one system, can’t travel laterally across an organisation’s network, escalate privileges and take over the network.
This limits the impact of any breach, minimises the volume of data that can be stolen or locked, and therefore prevents ransomware.
Complementing other security solutions that aim to detect, protect and mitigate known vulnerabilities, but ultimately cover only 2% of the threats, ASEM provides an additional 95% coverage by targeting the primary source of breaches, which is human error.
Since users no longer create, see, or know passwords, ASEM saves organisations huge costs by eliminating password resets, which are estimated to cost US$70 per reset by research firm Forrester, password hygiene training as well as password fraud.
Instead, employees are completely protected from password phishing and errors via a single, easy-to-manage centralised management platform.
ASEM offers huge security advances over the single access model, whether Zero Trust, privileged access management, identity access management, or biometric access, which gamble the entire security architecture on users not getting caught out by phishing scams and AI. If a single user-made master password or biometric is stolen or lost, it may be game over as criminals only need to open one single access.
“Organisations today spend the majority of their security budgets on threat detection and response, but research shows this only accounts for 2% of the security threats they are facing,” said Julia O’Toole, CEO of MyCena Security Solutions. “ASEM is a new security model that adds 95% more coverage by putting access security back under corporate control.
“No other security model offers such level of coverage for organisations. ASEM also provides huge cost savings, reduces mental stress, and mathematically provides cyber-resilience against ransomware. It’s the most comprehensive security model available on the market today.”
MyCena Security Solutions is currently the only vendor offering a platform to support the ASEM security model. With MyCena’s Desk Center application, organisations can regain control of their employees’ access to improve security, cut costs, and defend against ransomware.
Already present in many sectors such as call centres, finance, real estate, construction, logistics, recruitment, tourism, manufacturing, legal services, energy, consulting, government, data storage centres and IT services, to protect their IT, OT and IoT, MyCena also helps its customers save time from manually managing passwords for each system, by automating the distribution of access with very low integration.
Organisations using ASEM to secure their access are also able to provide a Certificate of Access Control Implementation for listed systems and users to data privacy regulators and insurers, to prove compliance with their data privacy access control duties and duty of care if necessary.