Zurich, Switzerland, September 21, 2009 --(PR.com
)-- Aymer had launched today (September 19, 2009) the new and comprehensive official website.Aymer International Limited is a leading developer and provider of PC security & identification hardware solutions for financial, civilian and military authorities worldwide.
For best performance, Aymer believes hardware solutions present a sustainable long lasting and coherent solution, hence focus on developing hardware security solutions that are exceptional and innovative and represent Aymer's philosophy and core values.
In this age of wide and easy accessibility to the organization’s data, military, banks, health services and financial organizations are constantly exposed to increasing internal fraud risk.
Somewhat more startling is the fact that fraud is often carried out through abuse of internal resources by authorized personnel, with passwords easily circumvented or stolen using software or hardware keyboard loggers, wired or wireless tapping technology or a broad range of other malicious means. Dollar amounts and electronic data volumes stolen tend to increase over time, too, as perpetrators gain a false sense of confidence, quickly turning one-time felony into habit, and losses are rarely recovered.
Currently the security solutions that are used by organizations are software solutions developed to notice irregularities and report on them, but having most of the perpetrators are managers who have access and knowledge of the system, what is defined regular and what would be considered as irregularity. The software solutions also are based on predetermined rules which are either possible to go around of or possible to fool, with the right knowledge.
Most of the practical attacks on computers exploit vulnerabilities. New security weaknesses are disclosed every day, A very large proportion of attackers gain access to enterprise networks via default, shared, or stolen credentials. Furthermore, organizations seem to have little visibility into this problem. It’s certainly best to prevent such incidents in the first place, but a second line of defense is to review accounts for signs of abuse or anomalies.
Furthermore, organizations systems are well protected from outside attacks but are very loose on security as far as insiders are concerned – with very little investment, as little as $10, the 'insider' can purchase a key logger, emulating the keyboard plug and bypassing all protections – and stealing all the data typed in to the PC. Computer keyboards are often used to transmit sensitive information such as passwords, e.g. to log into computers, to do e-banking money transfer, etc. A weakness in these hardware devices will jeopardize the integrity of any password-based authentication system.
In their research - 'Compromising Electromagnetic Emanations of Wired Keyboards' Vuagnoux and Pasini have provided evidence that modern keyboards radiate compromising electromagnetic emanations
. The four techniques presented in their paper prove that these basic devices are generally not sufficiently protected against compromising emanations. Additionally, they showed that these emanations can be captured with relatively inexpensive equipment and keystrokes are recovered not only in the semi-anechoic chamber but in practical environments as well (e.g. office). The consequences of these attacks are that compromising electromagnetic emanations of keyboards still represent a security risk. PS/2, USB, laptop and wireless keyboards are vulnerable. Moreover, there is no software patch to avoid these attacks. They have to replace the hardware to obtain safe devices.
Aymer believes the only valid and long lasting coherent solution is based on unique hardware products, that are designed to protect against the threats the organizations are facing and developed without compromising - "if it is needed but not yet developed, we develop it."
The Conundrum system was thought of with these problems in mind, presenting a new concept of which the keyboard is a very sensitive tool used by organizations as the main tool through which data is being sent to the PC – while servers that hold the data are well kept and monitored, the PC stations are left in the hands of the employees which have access to data and are not at all – or minimally - monitored.
Employees cannot be trusted endlessly; measures of protection must be used – to protect the employer from data theft and fraudulent actions.