SentryBay, Enterprise SAS

By: Sentrybay  06-Dec-2011
Keywords: Security

An access management solution needs to balance a number of elements, some of which are potentially conflicting:

1:: High security

2:: Simplicity in deployment and maintenance

3:: Ease of operation for users

4:: Cost-effectiveness

5:: Ability to adapt to changing conditions

With these issues in mind, SentryBay's engineers have developed the Secure Access System (SAS) utilizing our acclaimed patent-pending technology.

The SAS is extremely user-friendly and simple to deploy and maintain - but rather than compromising security to achieve this - the security measures included are first class.

SAS provides protection against Phishing, Pharming/MITB, Man-in-the-Middle/Replay attacks and Key Logging - which together represent the most severe threats to secure online access.

How the SAS Operates

The diagram below illustrates the key operations of the SAS

The SAS is made up of the following elements:

1:: A content-controlled, cut-down browser provides a direct, secure link between the cd-rom and the bank's web server.

2:: A Unique Security ID provides the first factor of user authentication.

3:: The standard login details - protected by EntryProtect's patented anti-key logging technology - provides a secure second factor of user authentication.

4:: System authentication of the corporate website overcomes Pharming/MITB threats.

5:: End to end encryption of the data protects against all forms of MITM and Replay attacks.

6:: Decryption library and basic amendments to the existing authentication database.

User Experience

The user simply runs the software from the desktop (or inserts device), the login page is automatically loaded and authenticated, and the user then enters their login details as normal.

This process involves minimal change in user habits, is very simple to understand and much quicker than alternative solutions - while being ultra-secure.


Companies are provided with a detailed SDK providing all files. Deployment normally takes only a few days, and involves minor additions to the database, insertion of a decryption library and small modifications to the relevant web page(s).

The software can be downloaded securely from the company's web server, issued via cd-rom, or via a hardware device such as a cd-rom or flash drive. The first time the devices are used the Unique Security ID is automatically recorded against an individual customer - and from that point on the software/device can only be used in conjunction with that customer's login details.

As the database requires no ongoing manual intervention or updating, the SAS is much less resource-intensive than other two-factor authentication solutions.

Keywords: Security

Contact Sentrybay

Email - none provided

Print this page

Other products and services from Sentrybay


SentryBay, Data Protection Suite

PhishLock is able to automatically prevent any user from submitting confidential information to a phishing site.PhishLock is initially "trained" to identify a phishing site when it is loaded. Deployment is via any installation package and can be conducted in a matter of minutes.


SentryBay, Enterprise and Consumer Product Solutions

SentryBay’s patent-pending anti-key logging and anti-phishing technology has formed the basis for a number of market-leading, enterprise-strength solutions that address both internal and external security issues. This can be included as part of an employee benefit scheme or provide an opportunity to generate revenue for the organization, thus increasing the ROI from deploying SentryBay’s solutions.


SentryBay, PhishLock Enterprise

SentryBay have developed the first comprehensive anti-phishing protection that specifically protects users of a company’s web application. PhishLock also immediately alerts the oganization of the phishing attack so that they can begin the process of closing the site down. PhishLock is able to automatically prevent any user from submitting confidential information to a phishing site.


SentryBay, EntryProtect Enterprise

EntryProtect prevents the uplifting of any sensitive data such as user names/passwords, credit card/bank account details and any other identity-based or sensitive data entered into a web-based application. As EntryProtect provides true end-to-end encryption of all transmitted data, it also provides full protection against MITM and replay attacks.


SentryBay, Personal Data Protection Suite

Proactive nature of SentryBay’s solutions mean they can protect against brand new threats better than any other solution – counter-acting the weak points of conventional desktop security software. The Personal Data Protection Suite can be downloaded and installed in less than a minute, providing the most comprehensive, real-time data protection for users of the web.


SentryBay, EntryProtect for PC Applications

EntryProtect operates by identifying all areas of the operating system where information can be uplifted and provides patented techniques that thwart the attacker at every level. Integrating SentryBay's key logging protection prevents such security events and provides the vendor with a key security feature to help generate revenue.


SentryBay, EntryProtect Universal

EntryProtect ensures it has first access to the data then either “masks” the data by replacing it with false characters - or prevents access to the data. Its effectiveness has been confirmed in independent testing by West Coast Labs, the leading laboratory that evaluates security software. Can be easily downloaded or used as part of the SentryBay Traveler USB drive solution.