OUR APPROACH

Implementing Zafepass Prevent & Protect, the mix of deperimeterization, software defined perimeter and the embedded true zero-trust principles, will provide a much more secure, user transparent and easy to manage IT architecture spanning also OT and IoT environments.


Deperimeterization involves removing the traditional boundary of the network. SDP allows for dynamic control of resource access, based on identity and trust.

Zero-trust takes it all a bit further assuming everything is untrusted until proven otherwise. True zero-trust eliminates any 3rd party security dependencies.


Putting it all together - added unique Zafepass prevent, impede, deter, divert, deceive and obfuscating techniques - you'll experience 'magic folding out'. 

As a user, you just launch Zafepass, wait a second and start work. Security is transparently built-in.

Users launch Zafepass (installation is optional), which automatically and securely locates the logon-gateway (one or more). The individual attributes are verified, and 'login & password' is also an attribute. Although Zafepass support long complex passwords and MFA - these are good to have, but not really needed. We simply got upset with the negative scores for not supporting long complex passwords within frameworks like NIST 800-53, CIS 18, ISO 27001/27002, PCI DSS, GDPR etc.

The Zafehouze CEO's login and password is "NEA" and his password is "zh" added the number of the month. You can without any risk use initials and '1234' if you like.

Once all attributes are verified the user is presented with the resources available determined by the security policy enforcement module.


Users love Zafepass, as they don't need to know anything about security, unsafe WiFi's, phishing, scripts, implants, malicious links, nation state attacks, infrastructure vulnerabilities, mal- or ransomware etc. Zafepass assumes everything unsafe and compromised - also inside the network perimeter - and is created to securely work in any hostile environments.


The IT/OT-teams love Zafepass as well. Never before have they had this level of control with the whole environment - users, devices, applications, services and data. Even the CFO love Zafepass - as it minimize the scarce resources needed to operate, integrate and manage a complex plethora of security solutions. Even the CISO and the GRC teams love Zafepass - data sovereignty, privacy, regulatory compliance etc. is equally easy to manage and control.        

   

Adding up all the ingredients, Zafepass provide extremely secure, fast and controlled access to any resource, from anywhere and any device.


You can place a gateway in front of an S3 bucket, an IoT sensor, in Azure, an ICS (Industrial Control System) and Zafepass will capture all communication, encrypt it and send it to the user requesting the information. If any data should be stored - it's encrypted with a key only the site-license (organisation) 'understand'. Should the user not have the application - Zafepass can 'pull' the application from the backend, run it in memory and present the data - and when Zafepass close, everything (and we mean everything) is wiped leaving no artefacts except a block of white-noice in the memory space used. 


If a link breaks - Zafepass automatically re-route traffic through other gateways/groups, and transmission is resumed once the connection is re-established.


Fragile elements, like DNS, DHCP etc., is not controlled by Zafepass.

   

Zafepass is created this way because users don't

care where resources are - they just want to

work and stay productive - and have no desire to become security experts.


Many IT teams are not security experts either - especially in smaller organisations. Therefore Zafepass address another major security challenge.


Manual complexity refers to the IT/OT team process of performing tasks or operations manually, often involving multiple time-consuming steps and high level expertise. With the lack of security-expertise, complexity is not improving security, nor speed or scalability.


Automated simplicity, on the other hand, refers to the process of automating tasks or operations, resulting in a much simpler and less time-consuming process, as well as it reduces the potential for errors. Zafepass is created so it requires less technical knowledge, making it easier for non-technical staff to perform tasks and manage the platform.