September 11, 2009

2FA OTP for Web based Email (SquirrelMail Integration)

Email is one of the most used business tools, and web based email access is used by 90% of enterprises globally. There are popular email solutions available in the market such as Microsoft Outlook Web Access and Lotus, free ones such as Gmail and Yahoo, and open source ones such as SquirrelMail, SendMail etc.

Most confidential and restricted information and documents, such as proposals, quotations, agreements, invoices, and details of partners, clients and potential customers, are exchanged through email.

Corporate cyber warfare is becoming more common, with hackers offering their services to companies to spy on you and steal your confidential and private information. The easiest place to attack is your email.

Most email solutions, commercial or open source, do not come with strong protection. They come with only basic authentication, where you provide a user ID and password to log into the web based email system.

This is where EZMCOM comes in and helps you strengthen your email with strong identity protection by adding One-Time Password (OTP) protection to your email ID.

Using our EzToken (software and hardware tokens) you can add strong authentication to your email solution. We take SquirrelMail as the example and show how easy it is to add Second Factor Authentication to this open source web based email solution.

There are 3 easy, quick steps to follow -
STEP-1: Modify the UI "$SQWEBMAIL_HOME/src/login.php" to ask for a 2nd factor (OTP) input
Example:



STEP-2: Add the following lines of code at an appropriate place in the file "$SQWEBMAIL_HOME/src/redirect.php"
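/* Verify that username and OTP are correct. */
/* $otp receives the input value from the above modified login page;
   this assumes the field added in STEP-1 is named "otp" */
sqGetGlobalVar('otp', $otp, SQ_POST);
$otp = trim($otp);
$success = "0";
$otp_verification = verifyOTP($login_username, $otp);
/* Strict comparison: with "!=" a result of false (for example a failed
   request) would compare equal to "0" and let the login through */
if (!is_string($otp_verification) || trim($otp_verification) !== $success) {
    $msg = 'One-Time Password verification failed: ';
    logout_error( _($msg . $otp_verification) );
    exit;
}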

STEP-3: Add the following function in the file "$SQWEBMAIL_HOME/functions/auth.php"
/**
 * Verify OTP
 * This function performs One-Time Password authentication
 *
 * @param string $username user ID to authenticate
 * @param string $otp One-Time Password entered by the user
 * @return mixed authentication result '0' for success, or failure return code
 */
function verifyOTP($username, $otp) {
    /* initialize the below orgid to the EzIdentity group ID
       displayed in provisioning portal. Default (1st group Id) is 3 */
    $orgid = '3';
    /* initialize the below URL to point to EzIdentity Authentication
       server. Edit IP address, Port. Default value of http port: 9880 */
    /* Note: Requires HTTP integration API plug-in to be installed in EzIdentity */
    /* Note: Requires appropriate firewall access controls for access */
    /* Note: over plain http the user ID and OTP travel to the
       authentication server unencrypted */
    $url = 'http://IP:PORT/auth/ezidentity/verifyallotp.jsp';

    $data = array('strUserId' => $username, 'iOrgId' => $orgid, 'strOtp' => $otp);
    $data = http_build_query($data);
    /* do_post_request() is not defined here; it must be available
       in this file and return the response body */
    $result = do_post_request($url, $data);
    return $result;
}
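The function in STEP-3 calls do_post_request(), which is not defined on this page. One way to write it so that a network error can never be read as a successful OTP check, as an added example (not EZMCOM's or SquirrelMail's code); the helper name otp_accepted(), the 5 second timeout and the sample values are assumptions made for illustration:

```php
<?php
/* Added example: one possible do_post_request(), built on PHP's
   stream wrappers. Not part of EzIdentity or SquirrelMail. */
function do_post_request($url, $data, $timeout = 5) {
    $context = stream_context_create(array('http' => array(
        'method'        => 'POST',
        'header'        => "Content-Type: application/x-www-form-urlencoded\r\n",
        'content'       => $data,
        'timeout'       => $timeout,  /* do not hang the login page */
        'ignore_errors' => false,     /* HTTP 4xx/5xx yields false, not a body */
    )));
    $body = @file_get_contents($url, false, $context);
    /* false on connection failure, timeout or HTTP error status */
    return ($body === false) ? false : trim($body);
}

/* Hypothetical helper: accept only the exact success code '0'.
   Anything else, including false and null, fails closed. */
function otp_accepted($result) {
    return is_string($result) && $result === '0';
}

/* Constructed sample results (not real server output) showing where a
   loose comparison and the strict check disagree. */
$samples = array('0', '1', '', false, null, '0.0', '00');
foreach ($samples as $r) {
    printf("%-8s loose: %-7s strict: %s\n",
        var_export($r, true),
        ($r == '0') ? 'accept' : 'reject',
        otp_accepted($r) ? 'accept' : 'reject');
}
```

Every row where the two columns differ is a response that a loose comparison against "0" would treat as a valid OTP.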

Once you have completed the above 3 steps, strong protection is enabled for your SquirrelMail.

The following is the user experience for the new strong authentication of SquirrelMail -

Screen 1: Login asking for OTP along with userid and password

Screen 2: Password and OTP validated to get successful login


Screen 2: Invalid OTP OR try to reuse the OTP again - Login failure


Similar to SquirrelMail, all the other popular email solutions can be configured to offer strong protection. In the back end you will have the EzIdentity platform to manage the tokens and users, and your email solution will call it to do the authentication.

With the EzIdentity platform along with EzToken Software tokens, the total cost of ownership for rolling out strong authentication for your enterprise email solution is as low as USD 2 per user per month.

For details on the EzIdentity solution and for a free trial, please contact us. We will be glad to assist you.
