As media reports have shown, it's simply too easy to obtain user account information, often with disastrous results to the account holders. Obtaining and using other peoples accounts is obviously highly profitable, if it wasn't, it wouldn't be in the news as much as it is.

For example, users remotely accessing an office email server will behave in characteristic ways that a scammer cannot know or emulate with any accuracy (if at all). GeoAssure monitors and profiles user login behavior to radically increase the probability that a login really is from the genuine user. 

Example user, Bob, typically accesses the system from a laptop in locations in and around Pittsburg, it's quite possible that logins from Baltimore, Denver, Seattle are not from the user, especially given that Bob can't quickly travel between these remote destinations! Because GeoAssure learns from Bob's login behavior, it recognizes that Bob logs on from a couple of different locations and from a couple of different computers. A scammer stealing Bob's login information would have to be in the same location and using identical equipment as Bob normally uses. Short of physical location breakin, the scammers are kept out.

Without GeoAssure: If someone stole your user ID and password, they could login to your account as if they were you. As far as the computer is concerned, they are you.  Every day, untold numbers (millions?) of phishing emails are sent and untold numbers of people who are duped into revealing their login information. It's no longer a case of if a login is compromised, its just when. The connecting computer simply cannot differentiate between the real user or anyone else.  Worse still, automated agents can be used to login and gather information in a fraction of the time taken by a human operator.

GeoAssure addresses the problem of not knowing who the actual user of a user id and password actually is or where they actually are. Put another way, do you really know who your users are?

The scams to obtain username / passwords combinations have become almost daily news and have drastically reduced the security of the traditional username/password combination.

WHO NEEDS IT

Any organization that allows sensitive data, email etc to be accessed from outside sources. From remote email collection to remote PC access, anyone with a valid username/password can get in. 

WHY DOES IT MATTER

Since username / password combinations can be guessed, faked, stolen or otherwise obtained, can you really rely on a simple username / password combinations to identify your users? 

Legal practices, health care, financial institutions -- any organization that allows external access to sensitive data -- needs better security than the easy-to-obtain username/password combination.

Email Is Sensitive!

One of the biggest data loss threats comes from "emal scanning" - the practice of taking a snapshot of a users email but leaving the actual email untouched so that the real user doesn't know it's happened. The practice can continue undetected for weeks or months. So who's really reading your email content?

With GeoAssure: Adding Geocation to your security system can dramatically increase the overall level of security. Now potential intruders have to actually be in the same location that the real user would be when accessing the system. The addition of the Geocate Login Proxy adds further security by learning the login behavior of real users and immediately highlighting potentially fraudulent login attempts.

The Geocate Login Proxy can be used for email collection, transactional systems, secure updates, and any application where user login security needs to be protected.