You will often see estimated costs for cybersecurity as 10-15% of an IT budget, but this only accounts for the hardware and software that is required to secure the network when you are using traditional technologies, and it’s actually the smaller part of the costs. Network administrators—who have to maintain firewalls with extremely complex rulesets, monitor constantly for threats, manage fixed IP addresses for VPNs, and monitor open ports that are often required for various devices—are, by far, the most significant cost to an IT organization. This cost can be compounded when two companies try to work together, either through a partnership or merger.

Atsign’s technology not only saves money on software and hardware costs, it saves substantially on IT personnel and their mental health.

Simple Security, Big Gains 

Yes, firewalls and VPNs cost money, but the real sinkhole is the process of approval for network changes, making those changes, and then ensuring they remain stable, especially when nothing seems trustworthy.

Atsign changes the trust model. The atPlatform gives the ability to cryptographically prove identity by having a network address (an atSign) that must cryptographically sign challenges to prove they are who (or what) they say they are. Read more about atSigns, here. Making every person, entity and thing addressable and cryptographically secure, frees up administration. When two businesses want to exchange information, they simply allow for their known atSigns to communicate. 

Secure By Default

From a network point of view, you can employ our CTO and Co-founder Colin’s favorite ruleset: deny all inbound. With the atPlatform, you only ever need to make outbound connections. An example where this ruleset would be essential would be in a DMZ network. Taking our example from the beginning, two companies joining together would do so in much the same way, just without the complexity of the network-level rulesets, and without having to involve third-parties that have the ability to see your data.

Image: Cost comparison between traditional solution (left side) and Atsign solution (right side).

73% Cost Reduction

The atPlatform offers a 73% cost reduction as opposed to traditional cybersecurity approaches, whether that is joining two companies, or extending your network to another network. And that 73% doesn’t even include the drastic reduction in ongoing power consumption costs. 

Sustainable, too.

Running firewalls and VPNs just adds more hardware to a given network setup, which consumes power. Atsign infrastructure allows for less hardware since we don’t need firewalls, and, since the data is already encrypted, we don’t need VPNs, either. The atPlatform gives us a vision and a tangible way of making networking technology much more sustainable.

See For Yourself

Atsign technology will deliver more cost-effective experiences on the Internet. You can get started today for free by trying out NoPorts, a remote access tool that enables secure, private device communication without the need for any open ports, making devices invisible to potential attackers. 

From the very beginning, the founders of Atsign decided to make their software open source. There are many reasons for this, detailed below, but the fundamental reason was that open source reflects the values of the company – open. We want to be open to collaboration, open to ideas, and open to everyone who wants to be a part of this fundamental shift on the internet to privacy and security.

The Foundational Principles of Open Source

The following values highlight why open-source is fundamental to Atsign technology. These values are community-driven, aligning with Atsign’s core values.

Continuous Improvement: Open-source technology allows the best ideas to rise to the top. Open source is equitable, enabling people from diverse backgrounds to contribute to improving projects they are passionate about.

We want to build technology that is helpful to people. Being open source allows us to engage with communities directly, to see what they actually care about and want to see improve with our technology.

Transparency & Trust: Technology built on open-source principles is inherently more trustworthy. There are no secrets because the code is there, wide open for all to see; organizations can prove that they are not acting maliciously with their code.

We want to collaborate with partners, not trap them into an proprietary ecosystem.

Open-source technology helps companies remain flexible, allowing for quicker changes in the face of evolving markets. Avoiding vendor reliance–or lock-in–is a significant reason why many companies choose open-source technology.

Open source means organizations can exercise freedom of choice without bracing for the cost-prohibitive changes that come with trying to leave proprietary software.

Security: Open source works under the notion of “secure by verification,” meaning anyone can view the code to verify that there are no major vulnerabilities or bugs, and that companies are held accountable for the integrity of their code. The collaborative spirit of open source also allows for more hands on deck when addressing security needs and finding bugs.

Open Source in Practice, with NoPorts

NoPorts is our award-winning remote access product built on open-source technology. No Ports takes a novel approach to networking, offering connections without having any open listening ports.

This commitment to open source is more than just a philosophy for us; it’s the foundation of how we build and deliver secure, reliable, and innovative solutions. Being transparent and fostering a collaborative community ensures that everyone benefits from the collective intelligence of the open-source world.

We invite you to join us and try NoPorts! 

Patent Granted!

We’ve reached a major milestone! Atsign® was officially granted US Patent No. 11,849,053-B2 for our work on the revolutionary atProtocol®. 

This patent is a concrete recognition of the power of Atsign’s technology and its ability to change the way people and things interact on the Internet. 

Furthermore, we honor and remember our late co-founder, Kevin Nickels, whose name will continue to live on through this patent. Kevin’s dream of a better Internet continues to flourish with the technology he so passionately supported and built. 

The atProtocol

The atProtocol is an open network protocol. Because it provides security and privacy at the protocol level, it eliminates the need for the traditional add-on security layers such as firewalls and VPNs. 

The atProtocol can be used in conjunction with desktop and mobile apps, IoT devices, enterprise applications, or any other software that uses a network to send and/or receive data. 

Using the atProtocol

NoPorts is a secure remote access solution built on the atProtocol. It enables you to connect to devices without requiring open ports, static IP addresses, or complex firewall configurations. By eliminating typical network vulnerabilities, NoPorts helps ensure your devices connect securely and stay protected.

Start a free trial of the professional version for full access, or try the free version for personal use.

Flipping Cybersecurity with atPlatform

When we walk the floors of cybersecurity events, most vendors talk about ‘managing attack surfaces,’ and using ‘solutions’ to monitor and react to threats. These solutions are expensive, and do not solve the problem at the source. Our philosophy is, Why have an attack surface at all? 

From his experience in the field, Atsign’s Go To Market Specialist, Anthony Prakash tells us in his speech from the TIA Summit that, “The cybersecurity market is focused on cure, not prevention.” With this approach, these unsustainable costs have risen to upwards of $8 trillion.¹

Instead of placing layer upon layer of security on top of more layers and layers of security, why not address the problem at the root?

Removing Network Attack Surfaces

Attack surfaces are the entry points that malicious actors exploit in order to gain access to a network, with open listening ports being particularly vulnerable to attack. Traditionally, organizations and individuals will deploy layers of security like firewalls, threat detection systems, and network segmentation or VPNs to try and mitigate the damage done from cyberattacks. All of these solutions are expensive and take time to configure. 

We wanted to avoid the headaches associated with the traditional methods of securing a network, so we thought, “If there’s no attack surface, then there’s nothing to attack.” The simpler the solution, the better.

• Our atPlatform offers a new approach to cybersecurity based on prevention.
• The atProtocol® is decentralized, and the SDKs use end-to-end encryption; there are no network attack surfaces.
• Our tech allows people to control their data and choose who can see it.
• The atPlatform can be used in a variety of applications, including smart cities, logistics, and healthcare.

Further Steps

1. Check out Anthony’s Summary of the TIA Summit.
2. Read CTO and CO-founder, Colin’s article on Networking 2.0, which explains the concepts behind the atPlatform.
3. Test our technology for yourself with NoPorts, the remote access tool that allows you to access your remote devices without opening any network listening ports. Start for free today!

¹Esentire – 2023 Official Cybercrime Report

If you don’t want your radio station to be hacked by a Scandinavian rock-music-loving hacker, then you need Atsign’s Networking 2.0 technology.

After KRYZ Radio in Mariposa, California had their signal stolen by a Swedish Rock station, leadership contacted their friend, Atsign’s Colin Constable, for help. Luckily, Atsign was preparing to launch a new, Networking 2.0 tool, SSH No Ports, that turned out to be the perfect way to protect against future signal hacking. 

For the full release, (that we really enjoyed writing!) and to hear the entire story, head over to GlobeNewswire.

Dive Deeper

Read more about Networking 2.0 or email us at info@atsign.com. 

For a free trial of NoPorts, the remote sys admin tool that got the station back on track, visit NoPorts.com. 

We love talking to customers, so please reach out to support@noports.com with any questions, or set up a demo to see SSH No Ports in real time. 

We Passed the Test

SSH No Ports recently underwent penetration testing with leading cybersecurity firm, Fortis Cyber Security Limited. They used both manual and automated tools to attempt to identify and exploit any security vulnerabilities. As quoted in the report, “Penetration testing revealed that the system does not immediately present any dangerous security conditions.”

This is great news for our customers because it validates our vision for Networking 2.0, and proves that SSH No Ports:

• Is secure and can stand up to cyberattacks:
• There are no network attack surfaces.
• Is built to comply with data regulation in different industries e.g. healthcare and finance:
• Data is end-to-end encrypted, with the cryptographic keys cut at the edge on the device.
• Is a sysadmin’s dream: 
• No need for static IP addresses, and you can securely access your device behind firewalls and within private networks.

If you’d like us to send you a copy of the report, please email us.

You can try NoPorts for free!

Secure RDP (Remote Desktop Protocol) is now supported with NoPorts. We know how important it is to be able to access your desktop quickly and securely from anywhere. RDP functionality has been a popular request, and we are thrilled to deliver it.

Typically, when using RDP, you need to open port 3389 on the desktop you are remotely accessing. Using NoPorts, you are able to RDP (using your preferred RDP application)  into your desktop without the desktop having any open listening ports.  

Atsign Software Engineer, Jeremy, demonstrates how quick and easy RDP setup is once NoPorts is installed.

Whether you are a system administrator or a remote worker, RDP with NoPorts is the simple, fast way to connect to your remote desktop with no open listening ports. 

Ready to try RDP with NoPorts? Start a free trial of the professional version for full access, or try the free version for personal use.

We’re thrilled to announce the launch of SSH No Ports v4! This major update to our award-winning tool makes secure remote access available on a wider variety of devices, enabling system administrators, OEMs, systems integrators, and app developers to incorporate the unique addressability and security features into their solutions.

This major update makes remote access even more secure, hassle-free, and powerful. For the full press release, click here.

SSH No Ports v4 is a transformative network management tool that eliminates the need for open ports, static IP addresses, VPNs, and complex firewall configurations. This not only simplifies remote access management, but also enhances security and reduces the risk of unauthorized access.

Featured in this release: 

• Windows Client Support
  SSH No Ports is a big hit with Linux and MacOS fans, and we’re excited to bring its benefits to Windows people as well. With SSH No Ports v4, in addition to Linux and MacOS, you can now connect to your devices from a Windows machine, too!
• Expanded SDK
  We’re also excited to announce the expansion of our SDK, which now provides developers with even more flexibility and control to integrate SSH No Ports into their own applications and workflows. Whether you’re building a custom remote access solution for your organization or developing a product for a wider market, the expanded SDK makes it easier than ever to leverage the power of SSH No Ports and Networking 2.0. 

SSH No Ports v4

If you are a system administrator, developer, or simply someone who needs to access your devices remotely, SSH No Ports v4 is the ultimate solution. With its unmatched security, ease of use, and support for Windows, MacOS, and Linux, SSH No Ports v4 makes it easier than ever to connect to your devices and data from anywhere in the world.

Read more about SSH security and try NoPorts for free today!

The Introduction of Microsegmentation

Microsegmentation was first introduced around 2014 by VMware. The idea was simple: break up the network into smaller pieces so that if someone gets in, they don’t get everything. Instead of the attacker gaining access to your whole environment, they’re limited to one slice. It was a good idea at the time.

The idea started with the (Swiss) banks and the notion of a “network zoning concept.” The arrival of Software Defined Networking (SDN) presented a much easier way to create and manage all those zones.

Microsegmentation meant defining security around applications, environments, tiers, or groups of people You’d build smaller zones inside your network, often with software firewalls, and then write rules for what could talk to what. It was a step up from broader network segmentation, which mainly divided traffic by subnets or VLANS.

The Limitations of Microsegmentation

To say that microsegmentation is complex at scale is a bit of an understatement. In today’s world where we are constantly adding new IoT devices, AI agents, and AI models, microsegmentation architects must determine for every one of those new elements which segment they live on, who can access them from different segments, and then set up all those crossfunctional rules.

As an analogy, imagine that your city wanted to offer more protection to citizens, so they built walls around each neighborhood and people would need to be authorized to cross those boundaries. So if you and your friends want to take a hike in a different neighborhood, you would each need authorization to cross those boundaries. Now imagine there is a new AI service that multiple people want to access, for this analogy we will call this a new rideshare business. The business must be authorized in every neighborhood individually. You can see how this would be extremely difficult to maintain over time.

Introducing Picosegmentation

Moving on with our analogy, imagine that, instead of putting walls between neighborhoods, each person was protected individually. You could have a policy manager in the city who decided what services would be accessible, but the control could be at the individual level. This is what the atPlatform provides for security. Each element including services, servers, cloud instances, AI agents, AI models, IoT devices, or humans can be individually protected. In our analogy, each person would decide who had access to them.

This vastly simplifies network management while increasing security. If a bad actor gets into one device, they can only get into that device, they can’t make a lateral movement to other devices or services. This not only makes everything on the network safer, but it discourages attacks because the payoff is so low.

This architecture of picosegmentation is Zero Trust by design. Nothing trusts anything on the network by default. The atPlatform is an implementation of picosegmentation that cryptographically authenticates who you are at every interaction. Additionally, the atPlaform switches the current model of “connect then authenticate” to “authenticate then connect,” further limiting the potential attack surface.

Network Segmentation vs. Microsegmentation vs. Picosegmentation

Here is an overview of the differences between network segmentation, microsegmentation, and picosegmentation:

Implementation

The nice thing about network segmentation is that you can implement it over time, segmenting new networks as they come online. But with microsegmentation, you must decide on how zones are going to be set up and basically switch to microsegmentation as a whole. The implementation of microsegmentation is a much larger project, time intensive, and expensive.

However, picosegmentation is far simpler to implement. You can start with something simple like NoPorts and implement it first for your most critical resources – something like remote access for admins to important servers. As new services come online, such as AI agents or IoT resources, you can implement picosegmentation for anything new, then go back over time to bolster your entire network security profile over time with picosegmentation.

Microsegmentation in Practice

Picosegmentation in Practice

Diagram 4: With picosegmentation, the focus shifts to protecting individual elements within and across all VPCs. For HR, Finance, and CRM services, each interaction between any two elements (e.g., a user accessing a specific HR application, or a finance service interacting with a CRM module) is individually authenticated and authorized. This eliminates the need for complex firewall rules between VPCs, as security is enforced at the point of every connection, dramatically simplifying management while vastly enhancing overall security and limiting lateral movement.

Try out picosegmentation today with a free trial of professional NoPorts. A separate free version is available for personal use.

The AI revolution is upon us. Venture capital has poured billions into companies promising to unlock the transformative potential of artificial intelligence. But amidst the excitement, a critical question often gets overlooked: “With cyberattacks being so widespread, how can you safely implement AI?”

While investors are understandably focused on the innovative applications of AI – from self-driving cars to revolutionizing healthcare to optimizing supply chains – they must not lose sight of the critical importance of security. As AI systems become increasingly sophisticated and integrated into our lives, evolving from simple responders to autonomous agents capable of executing real-world actions, the risks associated with data breaches, malicious exploitation, and unauthorized access become exponentially greater.

Consider these scenarios:

• A healthcare AI company: How can AI be given appropriate context about medical data in a secure and federated way?
• A financial technology company: How is the company safeguarding customer financial data, preventing fraud, and ensuring that AI-powered trading algorithms operate ethically and responsibly? A breach of financial data could lead to significant financial losses for customers and damage to the company’s reputation.
• A global logistics company: How is the company ensuring the security of its AI-powered supply chain management system, preventing hackers from manipulating inventory levels, disrupting shipments, or stealing sensitive data like supplier contracts and customer information? A breach in the supply chain could have severe consequences, from production delays and financial losses to reputational damage and even national security implications.

These are just a few examples of the critical security challenges facing AI companies across various sectors.

Beyond “How are you using AI?”

Boards must shift their focus beyond simply asking “How are you using AI?” to a more fundamental question: “How are you securing this?”

This requires a deep dive into the company’s security posture, including:

• Access Control
  • Which AI agent can access which data? For example, in a healthcare setting, can an AI agent designed for appointment scheduling access sensitive medical records?
  • Which person can access which AI agent? Can a junior employee access and modify the parameters of a critical AI system used for medical diagnosis?
  • Which AI agent can access which models? Can an AI agent designed for customer service access and utilize machine learning models developed for fraud detection?
  • Which AI agents can access which other agents? How are interactions between different AI systems within the company controlled and secured?
  • Fine-grained permissioning: Can access be easily granted, revoked, and modified based on user roles, context, and time?
• Data security
  • Encryption: Are all data transmissions and storage encrypted using robust, industry-standard algorithms?
  • Data privacy: What measures are in place to protect sensitive data, such as patient information, financial data, and intellectual property from unauthorized access and misuse?
• System security
  • Authentication and authorization: How are identities verified, and how are access controls implemented to prevent unauthorized access to sensitive systems and data?
    Vulnerability management: How many attack surfaces are visible to outsiders? How can you reduce or even eliminate them?

The Limitations of Perimeter Security and Microsegmentation

Perimeter security models, with their focus on firewalls and network segmentation, are ill-suited for the complex and dynamic environment of modern AI systems, especially in sectors like healthcare, finance, and supply chain management where interactions with external entities are frequent and critical.

• Complexity: AI systems often involve intricate networks of interconnected devices, applications, data stores, and cloud services, making perimeter security difficult (if not impossible) to implement and manage effectively.
• Attack Surfaces: Open ports and vulnerabilities in interconnected systems create numerous entry points for attackers, rendering perimeter defenses increasingly ineffective.
• Zero Trust Challenges: The principle of “zero trust”—that no person, entity, or device is inherently trusted and should only have access to the minimum amount of data required to perform its role—is difficult to implement within a perimeter-based security model, especially when dealing with a constantly evolving network of partners, suppliers, and customers.

The Need for Organic Network Security

To address these challenges, a new approach to security is needed—one that focuses on identity and trust.

• Simplified Access Control: An identity-based security model simplifies access control with fine-grained permissioning and flexible granularity, allowing users and AI agents to have precise control over data access and interactions.
• Built-in Cryptographic Authentication: Strong cryptographic authentication mechanisms ensure that only authorized entities, whether human users, AI agents, or external systems, can access and interact with the rest of the system safely.
• Invisible to Adversaries: An organic network security effectively eliminates attack surfaces by moving them to points that have nothing of value and do not allow direct access to the systems that do. Thus attackers cannot gain unauthorized access to anything of value.
• Zero Trust Architecture: An identity-based approach aligns with the principles of zero trust, where trust is not implicitly granted but must always be verified.
• Contextual Decision Making: Enables AI agents to provide different responses to the same request depending on the identity and authorization level of the requesting entity, ensuring that only authorized parties have access to sensitive information.

Investing in the Future of Trust

Investing in AI companies requires not just an assessment of their technological prowess but also a rigorous evaluation of their security posture. Companies that prioritize security and build trust with their customers will be best positioned for long-term success.

By asking the right questions and prioritizing security from the outset, investors can help ensure that the AI revolution unfolds in a safe, secure, and ethical manner.