undefined | Better HN

0 pointsjbob20007y ago0 comments

The issue is that you obfuscate the destination of the link. This is a big no-no in enterprise fraud prevention. We train people to only click trusted links. How do I know whether a golink is trusted or not? And what if my golinks account is compromised and all my links get redirected to phising sites? All of this huge risk so... people can remember the link?

0 comments

seantomburke7y ago

These are all great questions. Security is definitely our number one priority, especially since most of our customers are large enterprises. In order to create a link, you must first authenticate with your company's Single Sign-on solution to access the dashboard. If a user cannot properly be authenticated through Okta, GSuite, or another SSO, then that user cannot use the shortened link and cannot access the knowledge base of links. Second, all of the destinations can be audited in the dashboard, and we're currently testing solutions for checking the safety of a link that users can redirect to. This is unique to a golink system since the company can set these policies up for its users. For example, as an admin, you can disallow "http" links and force all links to use "https" to increase the security of the links. Now the company has control over which links are allowed to be used. The memorable link portion is also an added benefit of implementing a golink system.

j / k navigate · click thread line to collapse

0 comments

seantomburke7y ago

j / k navigate · click thread line to collapse