Back to Blog

Talon’s Account Shield: Securing the Keys to the Castle

By Peyton Padfield, Product & Content Marketing Manager | November 30, 2023

Have you ever lost your house key? Maybe after a night out or a day at the park, you come home, looking forward to relaxing on your couch only to find that, when you reach in your pocket, no keys are there to greet you.

What a nightmare.

Retrace your steps, worry about someone having access to your house, ask around, post to social media, “lost keys – reward”, retrace your steps, worry.

Eventually you either find them on the sidewalk (phew!), or, more realistically, they’re gone forever. What then? Well, you’ll probably have to change your locks. Another huge headache and expense simply because someone might be able to get into your house when they shouldn’t. All because of your keys.

You might be able to see where we’re going with this. This “lost key problem” is quite similar to an issue that many IT and security teams deal with every day. When a third-party needs access to, for example, a corporate file transfer system, they need to create a user account and password. This user account and password, once created, is just like a lost house key for any organization. It’s nearly impossible to know when and how the sensitive file transfer system is being accessed, who might have knowledge of that third-party’s user account info, and, maybe worst of all, how often that third-party reuses their password. The same password that could give access to some of your organizations most sensitive data.

This problem is why we’ve developed a feature for the Talon Enterprise Browser we call Account Shield. This feature is designed specifically to secure highly sensitive web applications which are often accessed by workers outside your organization. By uniquely salting user passwords within the browser, Account Shield enforces Talon as the sole gateway to access critical online resources. This feature is a game-changer for industries where data security isn’t just a necessity but a mandate. Let’s take a closer look.

The Challenge of Securing Sensitive Applications

In the high-stakes world of finance, legal, and corporate sectors, the security of web applications is a top priority. Traditional browsers offer a range of security features, but they fall short in providing airtight protection for highly sensitive applications like virtual deal rooms and confidential file-sharing services. These platforms often contain the most sensitive corporate data, yet they lack managed authentication or Identity Provider (IdP) integration. Sometimes third-party users even resort to shared credentials for convenience The risk to data security and compliance in these scenarios is significant and unacceptable.

The Talon Solution: Account Shield

To combat these risks, we’ve developed Account Shield for the Talon Enterprise Browser. Account Shield is a simple and secure feature of the browser that addresses these challenges head-on. Here’s how it works: When a user sets or resets their password for a protected web application within the Talon browser, Account Shield steps in. It replaces the actual password with a unique hash – highly encrypted on the browser and away from prying eyes. This process ensures that the user’s original password will only function within the Talon browser. Users can continue to use their preferred passwords or password managers, but the accessibility of their sensitive accounts is exclusively through Talon’s secure environment.

The implementation of Account Shield is seamless. Once activated by an administrator, users receive a notification requiring account protection for certain web applications. From an administrative perspective, Talon’s visibility and security capabilities shine through. Every access instance to these sensitive applications is logged, providing full visibility and compliance oversight – crucial for sectors like banking where regulatory compliance and data security are non-negotiable.

When activated, the Account Shield feature prompts the user to create or reset their password.

A Real-World Scenario: Banking and Virtual Deal Rooms

To further illustrate, let’s take a look at a hypothetical financial sector use case that we explored when developing this feature. Imagine a banker from Bank A needing to share sensitive information with a colleague at Bank B. The information is housed in Bank A’s virtual deal room, an environment known for its stringent security requirements. With Account Shield, Bank A mandates the use of Talon’s Enterprise Browser for anyone accessing its deal room.

Here’s an example of how it might unfold:

1. Bank B’s Banker Onboarding: Bank A’s IT team provides the Bank B banker with a link to download the Talon Enterprise Browser and a license for its use.
2. Setting the Stage: Once the browser is installed, the banker from Bank B first sets their Talon user account up, then they create their user account to access Bank A’s deal room from the Talon browser.
3. Exclusive Access: Thanks to Account Shield, the password they select will not work in any other browser. The banker can access the deal room, but only through Talon’s browser, ensuring all of the work they do in the deal room is secure and visible to Bank A’s IT team.

This scenario is just one illustration of how Account Shield ensures that critical services are accessed in a controlled, secure environment, mitigating the risk of unauthorized access, and minimizing insider risk.

And to top it off, what happens once the banker from Bank B finishes their work? Easy. Bank A simply revokes the banker’s access to the deal room from the Talon browser and removes their Talon user account from Bank A’s environment. The banker at Bank B can then just delete the Talon browser from their device. Simple and efficient offboarding means that security is easily maintained, and business momentum never slows.

Securing the Door, and the Key

Returning to our lost house key, Talon’s Account Shield effectively eliminates the risk of these ‘digital keys’ falling into the wrong hands. Just as changing the locks can secure a physical house, Account Shield ensures that only the Talon Enterprise Browser holds the key to accessing your organization’s most sensitive digital spaces. This feature is like giving your organization a master key that cannot be duplicated, lost, or misused. It transforms the browser from a simple gateway into one of the most important tools to secure your digital assets.

With Account Shield, the worries of untraceable access, reused passwords, and third-party entry points become things of the past. The seamless integration of this feature into the Talon Enterprise Browser mirrors the ease of having a secure, singular key that opens only with the right conditions – in this case, the specific environment of Talon’s browser. This innovative approach doesn’t just lock the door; it replaces the entire entry way with one that only opens when you allow it.

---

---