May 2014 Oak Brook, IL
Today, software developer mrc announces new security enhancements within m-Power. m-Power is a web application development platform that businesses use across their organizations to create web applications such as report-writing, Business Intelligence, executive dashboards, e-commerce, customer portals, and mobile applications to name a few.
According to this recent report, 2013 broke the previous all-time record for the number of exposed records caused by reported data breach incidents. The 2,164 incidents reported during 2013 exposed over 822 million records, nearly doubling the previous highest year on record (2011). As businesses rely more on web applications, this number will only increase in the coming years.
In response to these growing security threats, mrc just bolstered m-Power's security with two new enhancements. These new features include:
With this new enhancement, mrc gives m-Power users the ability to add two-factor authentication to their web applications. An increasingly popular security option, two-factor authentication adds a second level of security to an account log-in. Used in the most secure web services across the web, two factor authentication is designed to maintain security, even if a user’s login credentials are compromised.
For example, a web application using 2-factor authentication will ask a user for their mobile phone number upon account creation, and verify the device via a pin number delivered via SMS message. As illustrated in Figure 1, any time a login attempt is made from an unrecognized computer, the application can automatically verify the user’s identity via another pin number delivered to the verified phone. Without the correct pin number, the user cannot access the account.
Enhanced password encryption
m-Power now supports a wide variety of encryption methods for user passwords, and also lets users encrypt new passwords automatically. A critical security component, encryption converts passwords into random strings of text for storage in a database—protecting user information in the event of a security breach.
For instance, if an attacker gained access to a database full of unencrypted user sign-on credentials, all of that data is easily accessible as it is stored in plain text. If filled with encrypted sign-on credentials, the attacker cannot access the data without a decryption key. In this way, password encryption protects user data—even if the database is compromised.
"As security threats evolve, web applications must evolve right along with them," says Tyler Wassell, mrc's Manager of Software Development. "These new enhancements help m-Power users keep their data and their applications secure in an increasingly insecure world."###
For additional information contact mrc via phone at 630.916.0662; via fax at 630.916.0663; via e-mail at email@example.com.
mrc's development tool suite, m-Power, is used to create business applications and can run on any database or platform that supports Java (e.g. OS/400, Linux, Unix, and Windows). m-Power is used to create an endless variety of business web applications such as: Mobile apps, Web reports, dashboards, eCommerce apps, business intelligence, and more.
mrc was a recipient of the Apex Award for application development, is a long-time IBM Business Partner, and has been producing award-winning development software since 1981.