Make digital access unbreakable

MyCena stops over 82% of data breaches by removing human risks in cybersecurity

MyCena Dashboard
01

Why MyCena?

MyCena is the pioneer and market leader in Access Segmentation and Encryption Management (ASEM).

MyCena is the first cybersecurity company to identify the two key logic errors made by companies internally that started the cycle of data breaches.

First, companies allow each employee to make their own passwords to access their systems and data. Having given away control of access, they don’t know when passwords are phished, social engineered, shared, sold or reused in personal accounts. The majority of breaches – over 82% – use employees’ login credentials. These aren’t external attacks, so aren’t detected by threat intelligence and detection tools.

Second, companies compound their risks by centralizing all their systems access behind a single employee-made master password or biometric. Privileged Access and Single Sign-On tools do not solve the loss of access control problem. In fact, they remove existing access layers and segmentation within the critical networks of the company, which crucially decrease their cyber-resilience. This is akin to building a fence around a nuclear plant in the physical world but leaving everything inside open plan. This allows criminals to log in, use lateral movement and privilege escalation to take over the entire network and launch ransomware attacks in a matter of hours. Zero Trust tools do not solve the loss of access control problem either, even though they reinstate the doors inside the building.

MyCena’s unique patented technology solve these two key logic errors. It helps organizations generate and distribute strong independent encrypted passwords for all their systems to all their employees. Encrypted from end to end, organizations always stay in command of their own access. This removes access control from employees’ hands as they don’t make, see or know any credentials, which then can’t be stolen, phished or lost. At the same time, access segmentation stops criminals from roaming inside networks and accessing large swathes of data, which effectively kills ransomware.

02

Rapidly Upgrade your security and resilience level

You can’t divulge what you don’t know . Encryption of access credentials prevents employees from giving out their logins and passwords during phishing attacks. And since no one needs to see or type a password, you can have as many passwords as you have doors, and counter lateral movements and escalations of privileges for criminals who already have access to your network.

To improve your overall security and resilience (not only IT, but also OT since they are very often connected), start with your critical infrastructure, then extend encryption and segmentation of access to all other systems to extend your coverage against phishing and ransomware attacks .

03

Single Access Accelerates Infections

For years, Single Access and privileged access has paved the way for cyber-pandemics. Set up to be fast and convenient, they give a blanket access to users – and hackers – once through a main gate to all other systems. This approach facilitates lateral movement and creates the perfect launchpad for supply-chain and ransomware attacks.

If this sounds familiar, it is because that is how COVID-19 spreads: when you put everyone in the same room, if one person has COVID, the virus will quickly infect others too.

Password Protection in Minutes
Password Protection in Minutes

Lessons from microbiology

Microbiology was born in the 16th century with the theory of contagious diseases. When COVID-19 hit the news, scientists knew exactly what first measures to take to stop the chain of contaminations. Almost overnight travels were halted, borders were shut and half the world went into lockdown. People were asked to stay home, social distance, wear masks and wash hands. Social gatherings were restricted as they multiply the risks of spreading the virus.  (More)

Password Protection in Minutes
Password Protection in Minutes
04

Segmented Access : the only path to cyber-resilience

To prevent a virus from spreading, the same rules apply in microbiology and cybersecurity. To mitigate viral pandemics, we apply social distancing, wearing masks and washing hands. To mitigate cyber pandemics, we need to apply systems distancing, by segmenting access and protecting each access with a strong unique password.

But the problem is our brain can’t create or remember those strong unique passwords. So we had to think of another way.

Password Protection in Minutes

Trying to solve weak passwords

The human brain was never meant to create and remember strong unique passwords. So when people need dozens of passwords, they simply use the same simple password or password patterns they can remember. Hackers simply crack them using social engineering, brute force, credential stuffing, dictionary attacks, password spraying… over 80% of data breaches start with weak, reused and stolen  passwords.

Password Protection in Minutes

Why centralising access is unsafe

To go around the problem of people using weak passwords, a first generation of solutions centralised passwords on the cloud, giving people a single password to remember. But what was convenient for users was also convenient for hackers. From one breach, they could now access everything under that account.

Ironically, centralised access never solved the weak passwords issue. It just concentrated the problem in one place, making master passwords a massive blind spot for company security. Because brains still can’t remember strong passwords, people continue to use easy-to-remember passwords, even though these passwords meet the criteria of length, special characters, lower and upper case required. For example, Maria2020Mars123! Is 17 characters, fits all the criteria but is still weak and easy to crack.

Password Protection in Minutes

The peril of privileged access

Some credentials have higher ROI than others. In the physical world, imagine if robbers wanted to steal from hotel rooms, they would try to get the master key from hotel managers to access all the rooms. Online, cybercriminals target IT and top executives to get their high privilege access keys, either directly or after breaching the network.

Password Protection in Minutes

Increased third-party risks

Since many companies have interconnected networks through their supply chain, stolen credentials in one company often lead to a cascading effect of further breaches in their network.

Password Protection in Minutes

Multi-Factor Authentication (MFA)

Multi-Factor Authentication is great whenever possible. But hackers have become proficient at SMS interception and SIM swaps, so you just can’t rely on MFA for security, especially if your password is weak.

Password Protection in Minutes

Is “passwordless” centralised?

“Passwordless” doesn’t mean passwords have disappeared from your company infrastructure. It just means people don’t need a password to open their main access. When that first door opens, all the other doors open from this one central command, therefore facilitating lateral movement for users and for hackers.

Password Protection in Minutes

The risks of sharing your “identity”

After the cyber-pandemics of 2020 (SolarWinds, FireEye, Microsoft, US government agencies…) we can ascertain that in a global digital world, you should trust no one to  keep your data safe. That is why fragile data like fingerprint, voice, face or retina… should never be shared nor stored on public servers. Unlike a password, they cannot be changed.

Password Protection in Minutes
05

How to Segment Access Safely

It took MyCena’s founder decades of struggling with her passwords – and a trip to the Ancient city of MyCenae – to find a way to safely segment access.

Passwords are just digital keys.

There is no need to create, type, memorize or even know your passwords. You just need to be able to find them and use them.

Inspired by the multi-layer security of the Ancient fortress city, we created a new way to access digital keys called Method of Access for Structured Stored Data (patented).

“Never memorize something that you can look up.” ― Albert Einstein

Password Protection in Minutes
Password Protection in Minutes

Passwords are just keys

In principle, passwords are just keys. When you need to open a door, you don’t have to create or remember a new key every time. You simply take the right key out and use it. MyCena applies that principle to passwords, which is actually an old concept. Just think about “Open Sesame”.

Password Protection in Minutes
Password Protection in Minutes
06

no mental effort for users

From that discovery, we created a robust portfolio of solutions based on the principle of a local MyCena fortress with multiple layers of security (Bronze, Silver and Gold), which only the owner can access with a combination of fingerprint, face ID, PIN, lock pattern and passphrase.

To use a password, enter your fortress, find the encrypted password and use it. There is no master password, no central point of access. MyCena generates strong unique passwords for all your accounts and saves them. Only open a door when you need to enter. With no passwords to create, remember, type or see, MyCena is quick, accurate, safe and reliable, prevents typing errors, and defeats keyloggers and screen-loggers.

Password Protection in Minutes
07

automated credentials security

Not all passwords have the same importance. MyCena offers three levels of protection for passwords, depending on their sensitivity. Generally, we recommend putting low sensitivity passwords like newsletters in Bronze level, medium sensitivity passwords like social media in Silver level, and high sensitivity passwords like banking in Gold level.

To access the different levels, each user needs a combination of finger print, face ID or PIN for Bronze, lock pattern for Silver and passphrase for Gold.

Password Protection in Minutes
Password Protection in Minutes
Password Protection in Minutes
08

Apply MyCena passwords everywhere, even on legacy systems

Passwords can protect every system when they are strong and unique, even legacy systems. They are versatile, economical, changeable and shareable. Which is why you see them everywhere … from the core (servers) to the edge (IoT, user).

With MyCena, you can turn each access point to any IT, OT, IoT, account, server…into a stronghold.

Password Protection in Minutes
09

Mitigate the next attack

No one knows where the next breach will come from, whether it will be a sophisticated attack or an insider threat or phishing. But any organisation can prepare to mitigate against spreading it just like a country against spreading a biological virus. With a distributed architecture, smaller data clusters and locked doors by default, you can mitigate the risk of the next breach spreading into a cyber-pandemics.

For example, if one system password is phished, it will only affect that system and the password can’t be reused for any other account. If you find out there was a breach, you can just change that one password using MyCena without touching any other password. That dramatically reduces your exposure to phishing and headaches after a breach!

Password Protection in Minutes
Password Protection in Minutes
Password Protection in Minutes
10

MyCena Desk Center for people working from home

There are two business versions of MyCena. MyCena Desk Center (MDC), a desktop version for Mac, Windows and Linux, was developed for containerised environments such as call centers, contact centers and BPOs where passwords cannot be shared outside the company console.

If your company follows strict security rules and shifted to work from home, MDC can be used to make sure employees can only log into their systems using strong unique passwords.

Visit MyCena Desk Center 

Password Protection in Minutes
11

MyCena Business Fortress for people on the move

MyCena Business Fortress (MBF), a mobile version for Android and iOS was developed for people on the move, MBF is more flexible and allows people to safely share passwords with one another through MBF or MyCena Personal Fortress (MPF).

MBF allows you to seamlessly copy your encrypted passwords from your mobile MBF into any desktop application using MyCena browser extension, available for Chrome, Safari and Firefox.

Visit MyCena Business Fortress

Password Protection in Minutes
Password Protection in Minutes
Password Protection in Minutes
12

Easy to roll out with Mycena console

MyCena console allows managers to distribute and control all company credentials from one place, without anyone seeing any passwords. Designed to integrate with existing business processes without change of any infrastructure, it powers a highly scalable and secure credentials management system. Hassle-free with no master password, no one needs to create, type, see or memorize any password.

MyCena console user guide shows you how to enrol users using Active Directory and templates, preload systems and passwords, manage rules, attributes, roles and permissions… To help you leverage the full power of our solution, you can also use our implementation templates ( IT, servers, IoT, call center agents…) to minimize the number of steps and avoid errors.

Password Protection in Minutes
13

Easy To Use For Employees

There is nothing more frustrating than forgetting your passwords over and over again. For IT helpdesks, resetting passwords represents 50-60% of their time! Meanwhile, waiting for passwords to be reset represents hours of productivity sink for employees.

Because there is no password to forget with MyCena and because of its simplicity of use, both IT and users can save a huge amount of hours and frustration, improve their workflow and increase their productivity.

Password Protection in Minutes
Password Protection in Minutes

Smooth transition period

If you are worried about minimizing disruptions on current operations, you can use a “buffer time“ during which users can upload and use their existing passwords until it is time for a password change.

Password Protection in Minutes
Password Protection in Minutes
14

No more password sharing in clear text

Sharing passwords in clear text is very common, via email, text, post-it or the cloud. How many IT teams share all their passwords on a spreadsheet on the cloud? How many people have passwords written down next to their computer?

To end these insecure practices, managers use MyCena to distribute encrypted, unique and strong passwords to each user within their local MyCena credentials fortress. If permitted by their company console, users can also safely share encrypted passwords among colleagues from fortress to fortress without anyone seeing them.

Password Protection in Minutes

Reduce passwords theft and fraud

In  MyCena, only the user can access and use their passwords without seeing them. That reduces the risks of password theft from keyloggers, screen loggers, social engineering, credentials stuffing…

If a password is phished, the others can’t be found since all passwords are auto-generated and independent.

Managers can also make passwords non-readable by default, meaning you can use them  but not see them, which reduces the risks of password fraud.

Password Protection in Minutes
15

People create security shield

People are a company’s strongest asset yet often seen as the weakest link in cybersecurity. When correctly leveraged though, people can create a security shield between your systems and automated hacking bots. Here is how.

To open a physical door, you need a real human to pick up a key, insert the key in the keyhole and turn the key to the open the door. A bot cannot do that.

With MyCena, you also need a real human to access their local fortress security levels, pick up a password and insert it in the right system to login. A bot cannot do that either.

Password Protection in Minutes
Password Protection in Minutes
Password Protection in Minutes
16

Monitor compliance without seeing passwords

Do you want to make sure your employees use their MyCena passwords? The optional Governance, Risk and Compliance (GRC) module helps you to monitor usage without seeing anyone’s passwords.

Different flags, warnings and alerts are set for managers to spot unusual behaviours, for example if an employee has accessed the same password multiple times or if they have not accessed their fortress for a long period of time.

Password Protection in Minutes
17

Mental relief for managers and users

Passwords are a common nightmare with “password breakdowns” affecting people’s mental health. Thanks to MyCena, people don’t need to think, create, remember or worry about passwords ever again, removing a huge pain over passwords!

For managers, it is a double relief as it removes their largest security blind spot: passwords. They no longer need to worry about whether people are still using the same password or if they follow security rules, since people are not involved in their creation. They can simply choose the maximum length of characters allowed by each system.

Password Protection in Minutes
Password Protection in Minutes
Password Protection in Minutes
18

Every organisation needs MyCena today

For years, over 80% of data breaches have started with passwords. It’s simply the easiest and cheapest way to hack! With COVID-19 pushing people to work from home, people further lost their office protection, connecting to company data using unsafe WIFI networks and unprotected devices. Hackers have taken advantage of the security chaos to launch industrial-scale attacks and maximise profits from ransomware, selling data, selling credentials… In fact, cybercriminals’ return on investment is now 1.5 times higher than counterfeiting and 2.8 times higher than drug trafficking. The lure of profits has prompted fierce competition between rival hacking groups who now race to get victims locked first.

All organisations in all sectors are impacted and need MyCena today: Government, Military, Police, Telecommunications, Security, Finance, Insurance, Banking, Infrastructure, Utilities, Transportation, Healthcare, Manufacturing, Publishing, News, Travels, Legal, Retail, Supply Chain, Non-profit, IT, IoT, E-commerce, etc.

Password Protection in Minutes
19

Protect the future of digital

To restore trust in networks, token gestures aren’t enough anymore. To sustainably protect the future of digital, companies and countries need to adopt a more balanced approach to digitisation, whereby success is measured as much by their accessibility as by their security.

Not only is MyCena easier to use and implement than most cybersecurity solutions, it is also more affordable and great value for money. Investing in MyCena innovative solutions will dramarically improve your security, help you comply with GDPR, LGPD, NYPA, HIPAA, CPRA…, and reduce disputes, litigations, fines and remediations over responsibility for frauds and breaches. By strengthening your systems security, you state to your employees, partners, suppliers, customers that you care about their security, and that whatever you build is “built to last”.

Password Protection in Minutes
Password Protection in Minutes

Customer Testimonial

#1

From compliance with LGPD to thwarting brute force attacks

"When we started the project to adapt the company to the LGPD, in the first few months we learned about and adopted the Mycena Security – Business Fortress credential management solution, as we understood that, at that time, having protection of the credentials of assets and systems would make us less vulnerable to attacks and invasions. It was a great surprise to have the result in the first weeks when Microsoft Azure security tools pointed out that some brute force attack attempts were frustrated due to the tool architecture, usability, and strong passwords we achieved when we started adopting Mycena."

#2

Reduction of contractual fines and other financial losses arising from fraudulent actions

"With Mycena we eliminate the sharing of passwords among employees. In other words, we make the environment strong and safe against improper actions; and in cases where such actions occur, we can directly attack the Root cause through the IP monitoring that the solution offers. This is now considered legal evidence for action of just cause, as we were able to prove systemically that the action departed from the employee intentionally. Another detail here is the trust we pass on to our client contractor influencing indirectly the portfolio/volume increase for our EPS. Thus increasing revenue"

#3

Reduction of unproductive hours

“With the use of Mycena we reduced by approx. 95% the pauses and loss of LOG arising from password forgetfulness or excessive unsuccessful attempts. By attacking this reduction, we increased the productive capacity for delivery of the planned work to reach our KPIs.  This directly affects the entire planning process because with greater production capacity we hire a smaller number of people (we reduce the % of unavailability that we put in sizing) and no longer have burden on KPIs, going to the bonus scenario in billing."

#4

Solution to counter rising cyberattacks with COVID-19 Work From Home

" I assumed the position of responsible for the company's technical area at the peak of the pandemic. All of our home-office employees were remotely accessing the server, with all access centralized being fast and convenient, until we started having out-of-hours access attempts from unidentified addresses. That's when the need arose for a tool to segmented access  this user information and increase our security. With MyCena I can have total control over the accesses and passwords of each user, facilitating the identification of access and password control in a single portal, in addition to the reports that we can extract quickly and conveniently.”

WHERE DO I START?

Use the Credentials Security Level (CSL) assessment tool to find out where to start

Discover your CSL
As seen in...

Subscribe To Newsletter

Receive our cybersecurity digest directly in your mailbox