Cloud Security Alliance has unveiled its Top Threats to Cloud Computing: Egregious Eleven report, which lists the top 11 cybersecurity problems facing cloud computing users. In this fourth installment, the CSA surveyed 241 industry experts on security issues in the cloud industry. It is the first major update to the list since 2016, when Alliance released the Treacherous 12. The Top Threats Working Group used the survey results along with its expertise to create the final 2019 report. These issues are inherently specific to the cloud and thus indicate a technology landscape where consumers are actively considering cloud migration.  The following issues are often the result of the shared, on-demand nature of cloud computing.

1. Data Breaches

2. Misconfiguration and Inadequate Change Control

3. Lack of Cloud Security Architecture and Strategy

4. Insufficient Identity, Credential, Access and Key Management

5. Account Hijacking

6. Insider Threat

7. Insecure Interfaces and APIs

8. Weak Control Plane

9. Metastructure and Applistructure Failures

10. Limited Cloud Usage Visibility

11. Abuse and Nefarious Use of Cloud Services

Data breaches top the list

We won’t be surprised to see that Data breaches still top the list, unmoved since 2016. It means that data breach is still the primary objective of a targeted attack or merely the result of human error, application vulnerabilities or inadequate security practices. A data breach involves any kind of information that was not intended for public release, including—but not limited to—personal health information, financial information, personally identifiable information (PII), trade secrets and intellectual property.

Insufficient Identity, Credential, Access and Key Management

Identity, credential, access management systems include tools and policies that allow organizations to manage, monitor, and secure access to valuable resources. Cloud computing introduces multiple changes to traditional internal system management practices related to identity and access management (IAM). The report stated that it isn’t that these are necessarily new issues. Rather, they are more significant issues when dealing with the cloud because cloud computing profoundly impacts identity, credential, and access management. In both public and private cloud settings, CSPs and cloud consumers are required to manage IAM without compromising security.

As a result, Insufficient Identity and access management, number 4 in the list of threats has actually grown up and this report suggests an interesting and somewhat new perspective on cloud security. This new outlook focuses on configuration and authentication, and shifts away from the traditional focus on information security (e.g., vulnerabilities and malware).

These security issues are a call to action for developing and enhancing cloud security awareness as the report stated or to choose an on-premise solution because you can only trust what you control and can audit yourself.

Enterprise Solutions and not Cloud Services

We offer a complete enterprise security solution which should cover the needs for a majority of companies, organizations and individuals. Our solutions are opened but not cloud-based. We do not provide a central security hub that you have to trust blindly. We provide a software product via appliances or installers. It is Linux-based and easy to install and maintain. We prefer that you get the full control on your security infrastructure. Yet this is not limited and you can use our solutions for building security services or for securing cloud applications and hosted systems.

A NATO agency, the North Atlantic Treaty Organization which is an intergovernmental military alliance between 29 North American and European countries tapped RCDevs to implement multi-factor authentication across his infrastructure.

NATO’s purpose is to guarantee the freedom and security of its members through political and military means. NATO is committed to the principle that an attack against one or several of its members is considered as an attack against all. This is the principle of collective defense, which is enshrined in Article 5 of the Washington Treaty. NATO is an alliance of countries from Europe and North America. It provides a unique link between these two continents, enabling them to consult and cooperate in the field of defense and security, and conduct multinational crisis-management operations together.

“NATO is probably the biggest intergovernmental military organisation in the world and we’re honored to be working with them”

Charly Rohart CEO of RCDevs

OpenOTP Security Suite has been selected because it’s a comprehensive tool which provides enterprise-grade security solutions suited for multi-factor authentication with OTP / FIDO, federation, identity management, PSD2 compliant secure transactions, electronic signature and SSH Key Management. OpenOTP Security Suite combines mobile technologies with proven security standards to offer the best alternative for professionals and non-professionals requiring cost-effective solutions compatible with their user’s mobility. The fact that our platform integrates seamlessly into any IT infrastructure to enables a centrally-managed security control center has been a determining factor in the choice of our solution.

Each year the LHoFT release the #Luxembourg #FinTech map which presents the most important companies in different categories related to Fintech. We are proud to be in good company for Cybersecurity and authentication. Thanks to @The_LHoFT with support from @ALFIfunds, @LuxFinance, @ACAluxembourg and @ABBLbanking for this initiative. The next step? Expanding our vision and knowledge across Europe!

RCDevs SA, a Luxembourg based enterprise authentication company and Feitian Technologies (SZSE: 300386), the leading supplier of user authentication and transaction security devices, today announced a partnership to provide combined solutions to secure Enterprise access.

VERIZON 2018 Breach Report continued on highlight of the 2017 report, that majority of reported incidents leveraged from stolen or compromised passwords. Cyber criminals continued to find path of least resistance to their target, that path or weakest link being corporate services requiring only single factor. With number of incidents growing year-on-year, securing access in today’s hybrid enterprise is imperative in achieving a mature risk posture.

The RCDevs/Feitian Technologies partnership aims to directly reduce risks caused by compromised passwords.

RCDevs and Feitian Technologies cooperation allows companies to leverage security of Feitian OTPs, PKI and FIDO U2F / Fido 2 devices throughout the enterprise authentication landscape, ensuring compliance and reducing risk of compromised access. 

Combination of RCDevs continuous drive to innovate and support latest authentication standards and Feitian strong experience in manufacturing high quality authentication devices marks a guarantee of an all-encompassing authentication solution that provides best in class form factors at an affordable cost, now and in the future.

RCDevs and Feitian alliance purpose is to respond to the present and future needs of our customers. It is crucial nowadays to propose turn key solutions with expertise delivered quickly that adapts to fast moving ecosystems driven by increased needs in mobility

said Huang Yu, CEO of Feitian Technologies. 

RCDevs partnership with Feitian is a great opportunity for us to be able to offer to our clients complete authentication solutions including devices featuring latest industry standard form factors such as FIDO2

said Charly Rohart, Founder and CEO of RCDevs.

Feitian website:

The IT-fair is combined with Data & Cloud Expo back in Brussels Expo! You can gain within 2 days new inspiration, information and expand your network and meet new innovations and the latest developments in the IT-industry.

RCDevs will be present at Infosecurity Belgium Expo on March 20 & 21 2019. Interested in meeting RCDevs and discovering RCDevs powerful products? Just register and join RCDevs team at booth A090 to share nice moments!

RCDevs has released a new OpenOTP version supporting the FIDO2 authentication standard in addition to the previously supported FIDO1/U2F.
FIDO2 builds on and improves U2F by incorporating the World Wide Web Consortium’s (W3C) webAuthn standard. This will further improve the  browser compatibility and provide support for PIN codes, biometric identification and password-less login.

Meeting partners and clients at RCDevs Afterwork. RCDevs CEO Charly Rohart giving a presentation to a full house on latest trends in of Multi-Factor Authentication – logging into Macbook with OpenOTP Token and proximity access over bluetooth drawing attention.

As a proof of ongoing work towards becoming industry leader in supporting open authentication standards, RCDevs is now proud to announce support for FIDO2 in its awards winning OpenOTP MFA platform. With FIDO2 RCDevs continues on it’s disruptive approach of providing strong authentication as free, for any small business and best in class affordable MFA for businesses of all sizes. With OpenOTP companies can leverage and enjoy the unique advantage of enterprise wide FIDO2 authentication, covering every corner of MFA, from corporate O365 and remote users to desktop login and privileged access.

If you like to start with FIDO2 today, visit and get your best in class FIDO2 compliant MFA platform for free.

1 2 3 5