26/08/2022

Security protocols to prevent cyber attacks

By Mariana Marques

Cyber attacks are a significant concern of every company, particularly those that deal with sensitive information. Despite tremendous technological advancements, these attacks are still on the rise as hackers continue to find new vulnerabilities in systems. According to Accenture, 68% of business leaders believe that their cybersecurity risks are increasing. For these reasons, ensuring that you have strong security layers to protect your company is crucial. This article will guide you through two of the most common security protocols you should be aware of and implement in your company. Imburse provides both IP Whitelisting and SSO, alongside other functionalities like encryption. We only save sensitive information that is securely encrypted, enabling our clients to protect their data fully.

IP Whitelisting

IP Whitelisting is a security technique that whitelists IP addresses, giving IT administrators complete control over who can access the company’s system on their behalf. This process involves developing a list of IP addresses and assigning them to a user or a group that is trusted and that works directly with the company. These could be employees, contractors, clients, or anybody that need access to the company’s resources.

Only users whose IP address belongs to the trusted list can access the system, whether they connect through a private network or a VPN gateway. IP Whitelisting can be handled on firewalls, edge routers, web servers, VPN gateways, application layers, or SaaS applications. Businesses can set up IP Whitelisting themselves or use a third-party’s solution.

What is a whitelist?

A whitelist is a list of trusted users that can access the company’s resources, whether that be networks, apps, or other digital platforms. IT administrators create this list by gathering the IP address of every user. Once this list is created, they then have to add it to their whitelist using a firewall, router, or through a third party. These steps vary depending on who is handling the process.

An IT address is a unique address that identifies a device or a network. It is composed of a set of numbers separated by periods and mathematically produced by the Internet Assigned Numbers Authority (IANA). Whitelisting is a basic yet crucial step in ensuring that only trusted devices can access your company’s sensitive data or systems. This can prevent many cyber security attacks from happening.

IP Whitelisting with Imburse

Imburse’s clients can set up their IP whitelisting list so that only trusted IPs can access Imburse on behalf of the company or tenant. Setting up this solution requires opening a new ticket and requesting integration. Once the IP whitelisting is set up, clients can create up to 100 rules, and each rule can have various IP addresses. Clients can also tag IPs for organisational purposes.  Imburse uses the IPv4 protocol, so only public IPs can be whitelisted (rather than the organization’s internal IPs).

Benefits of IP Whitelisting

  • Extra security – Companies get an extra layer of protection that prevents external people from accessing private data.
  • Regulatory compliance– IP Whitelisting is a basic IT cyber security protocol that further strengthens compliance with regulations.
  • Easy set-up – IP Whitelisting is easy and convenient to create and maintain, as it only takes a few steps.
  • Visibility– IT administrators gain better visibility over who can and cannot access the network and resources.

Single sign-on (SSO)

Single sign-on or SSO is a feature that enables users to log in only once with one set of credentials and access various apps, platforms, or datasets. Companies usually use a wide range of applications and services daily. This requires employees to log in multiple times a day, with different credentials and often switching between platforms. SSO solves that fragmentation problem by enabling employees to easily and quickly access various platforms through a single login.

SSO also helps companies comply with regulations. Regulatory bodies require companies to document the controls and security measures they have in place. Since SSO reduces the number of credentials and logins needed, companies have an easier time documenting these. Plus, each login is an opportunity for attackers to steal details, so the fewer logins, the better.

Benefits of SSO

  • Regulatory compliance– SSO makes it less challenging for companies to document their security measures around data access.
  • Extra security– SSO prevents hackers from accessing data, reducing the number of times employees have to log in to apps and services.
  • Employee satisfaction – Employees can spare the hassle of switching between platforms and memorising various credentials, which makes their job easier.
  • Higher productivity– SSO enables teams to be more productive and save time.
  • More control – Your Microsoft account might be connected only to your computer. If a user can only access certain apps or systems with Microsoft account, it means that users will have to use that specific computer and not his private one that can be compromised.

Microsoft SSO with Imburse

Until now, Imburse offered Google SSO, enabling our clients to access the Imburse platform through their Google accounts. Imburse has recently added Microsoft SSO, which allows our clients to access our platform via Microsoft. Our clients can now log in to Imburse using their MS Office 356 credentials, making connecting to the payments world even easier and faster. To set this up, all that clients need to send us is their Azure email domain and their Client App ID. Imburse then sends a Redirect URL. Our clients can also add users to the Tenant Portal from their Account Portal.

Once the Microsoft SSO for Imburse is set up, clients simply insert their email into our login page. If the email address is configured with SSO, users will be redirected to the MS Login, where they can add their MS Office 356 credentials. If the email address is not yet configured with SSO, users will be prompted to add their password.

About Imburse

Imburse is a cloud-based middleware connecting large enterprises to the payments ecosystem, regardless of their existing IT infrastructure. Through a single connection to Imburse, enterprises can collect or pay out using various payment technologies and providers around the globe.

In a world where consumers’ payment preferences and technologies are ever-evolving, Imburse works with insurers to future-proof their payment requirements. Regardless of the business area, market, or needs, Imburse will connect you to your choice of technology and provider.

Reach out to our team should you want to discuss how Imburse can help you. Our team is happy to show you what our platform can do for your business and offer you a free demo.

About Mariana Marques

Mariana is a content writer at Imburse, specialising in Finance and Technology topics.

Back
Share to:
Connect to global payment technologies for premiums & claims pay-outs
Learn More