Secure remote access
to corporate resources

The solution based on Indeed AM protects remote access of employees to the corporate IT systems and applications

schedule demo
prew-product

Task

Most governmental and commercial organizations today (except for classified facilities) have set out on the road to remote work. Both individual employees and entire departments may be offered to transition to telecommuting.

There are two main remote options depending on duration:

  • Temporary arrangements when your employees or departments need to work remotely due to short-lived objective reasons, such as business trips, illness, and other situations.
  • Permanent arrangements when telecommuting is the only option available to employees.

One of the most important parts in telecommuting is to ensure remote access to corporate resources. The following remote access resources can be used in this case:

  • Corporate web resources
  • Application servers (terminal servers)
  • RDP server
  • VPN gateways
  • Virtual desktop infrastructure (VDI server)

It is important to keep in mind that some technical, organizational, and physical means designed to protect information cannot be used in telecommuting. For example, physical protection of a remote desktop is simply unachievable, while the use of technical means to protect information at the level of network perimeter may prove quite challenging. This is why the bottom line of remote access security is adequate protection of your employees’ desktops as well as corporate resources used for your employee connections.

The main sources of cyber security risks in the context of telecommuting are as follows:

  • Low security of personal devices of your remote employees
  • Low security of network environment at your employees’ workstations (irrespective of whether they use a personal device or a corporate solution)
  • Uncontrolled connections to resources via smartphones and tablets
  • Direct web access from workstations used for critical processes
  • Situations when it is impossible or very hard to apply corporate network security solutions (including anomaly detection)
  • External access to critical corporate resources
  • Tight schedule of changes in your network architecture to ensure prompt access to work resources while threat modeling is often overlooked
  • Excessive permissions granted to employees

All IT resources (access objects) are designed to grant access to named access subjects (users). This is why one of the key tasks of information security systems lies in preventing the illegal use of employee credentials for all attempts to connect to corporate services (i.e., credentials theft). This makes secure authentication a prerequisite for all remote sessions.

The best way to ensure remote access protection is to use hardware and software that offers unified strong authentication scenarios for all attempts to connect to the resources accessible from the outside. This comprehensive solution must include specialized software and hardware enabling strong authentication, as well as a Two-Factor Authentication (2FA) Provider, another solution that supports strong authentication across various corporate resources.

Solution

Specialized solutions enabling integration of remote access resources with strong authentication tools can help you get a single set of authentication tools for remote access to all target resources.

The Indeed AM platform enables the necessary system integration and addresses the most relevant issues related to remote access control, such as:

  • Secure VPN connections
  • Secure RDP connections
  • Secure connections to public web resources
  • A unified remote access control system

The following strong authentication tools can be used for building a secure remote access system:

  • One-time passwords (OTPs) sent by email, SMS, or via a Telegram bot
  • Push authentication
  • Mobile applications serving as OTP generators
  • Hardware OTP generators

The Indeed AM solution features different strong authentication methods for different user groups and specific target resources. This means you can choose the right option for each group of employees, depending on whether or not they have access to critical data, and to what extent.

Since strong authentication methods are used for remote access, it is perfectly acceptable to use a single set of authenticators for all resources. If necessary, the same authenticators can be also used for local sessions.

In addition, the Indeed AM platform can help you neutralize all cyberattacks that aim to sabotage your company’s operations by remotely blocking your domain accounts, for example, via your public email web page. In this case, the intruders, who were able to get hold of your identifiers, deliberately enter wrong passwords. What gets blocked in the course of such a cyberattack is the authenticator used for remote access rather than the actual user account.

Technical parameters

User directories

  • Active Directory
  • DBMS (SQL)

Target resources

  • Microsoft Remote Desktop Server
  • Microsoft Internet Information Services
  • Web applications
  • VPN servers
  • Application servers
  • Virtual desktop infrastructure (VDI)

Integration mechanisms for target applications

  • RADIUS
  • ADFS
  • SAML
  • OpenID Connect
  • OAuth 2.0
  • Kerberos
  • Enterprise Single Sign-On

Strong authentication technology for secure remote sessions

  • One-time passwords (TOTP/HOTP)
  • Push authentication
  • Digital certificates

Strong authentication tools for secure remote sessions

  • Mobile applications serving as OTP generators (Indeed Key, Google Authenticator, Yandex.Key, and other apps that support HOTP/TOTP protocol)
  • Hardware OTP generators (eToken PASS and others that support HOTP/TOTP protocol)
  • The Indeed Key app used for generating OTPs and push authentication
  • OTPs sent by email, SMS, or via a Telegram bot

Get the budget estimation of your project

get questionnaire
prew-product-work

Industries

Learn how multiple industries enjoy benefits from implementing our products

Prev
Next

industry about us

quot-mark
avt-1
Andy Woo
Regional Director of Pacific Tech

At Pacific Tech, we are continuously evolving and bringing new solutions to our partners and customers in the region. We are delighted to be partnering with Indeed Identity. With Indeed Identity, we found a comprehensive access management solution which perfectly complements the growing population of Singapore work-from-home workers. As a leading cyber security solution provider, this strategic partnership is perfect for our two companies.

read more
quot-mark
avt-2
KC KuppingerCole Report
Executive view

Indeed Identity’s innovative approach towards designing its whole product portfolio as a highly modular open application platform allows the customers to pick and choose the modules as needed and grow in the future as their business needs expand. Even out of the box, Indeed Certificate Manager provides comprehensive yet convenient management capabilities for both administrators and end users.

read more
quot-mark
avt-3
Michael Bürger
Founder & Sales Partner at EU-HUB Network

Since approximately 5 years now I’m working with Indeed Identity quite successfully. First as my vendor client and next as a trusted innovative software partner. Now we are re-selling Indeed Identity software as a Distributor for the EU and beyond. Often I met Indeed Identities CEOs, CTO, Product Management, Partner Managers and System Engineers, on the the phone and even in person in London and Munich and always my feeling was that this is are smart people, an excellent organized company, straight forward thinking and | don’t have any doubt that together we will be very successful this decade in the 2020s on everything we target.

quot-mark
avt-4
Leo Querubin
Executive Director for Business Development of Pointwest Technologies Corporation

The products of Indeed Identity, like Indeed Access Manager, a software for strong and multi-factor authentication (MFA), can provide the structural changes that force everyone to follow necessary cybersecurity procedures. Customers get the best of both worlds — the world-class cybersecurity products of Indeed Identity and the experience and expertise of the local cybersecurity landscape of Pointwest.

read more
quot-mark
avt-4
Volkan Duman
Information Technologies General Manager at vMind

As a result of the long-term laboratory tests and studies that we conducted, we believe that Indeed Identity products should certainly be on the Turkish market. Thanks to our partnership with Indeed Identity, we sought to expand the access control and certificate management market, which is located in a narrow profile in the country, as well as add value by transferring technology to our country. When we compare Indeed Identity products with similar products, we can safely say that they contain much more different features and are more inclusive.

read more
quot-mark
avt-4
Marko Pust
Director of OSI.SI

We have a long partnership with Indeed Identity for more than 2 years already. I can confidently say that Indeed CM is one of the best and technologically enhanced products for managing digital certificates and smart cards on the EU market. This product has a number of unique features such as Client Agent and Indeed AirCard Enterprise network-attached smart card that are highly valued by our customers. One of the customers said that Indeed CM brought automation and visibility to their PKI life.

quot-mark
avt-4
Heng Lie
Director of Synnex Metrodata Indonesia

I believe that Indeed Access Manager is an excellent solution for many of our clients. It manages access to all information systems of the enterprise and protects companies from internal and external cyber threats. It is a flexible platform combining different authentication scenarios and methods.

quot-mark
avt-4
Sergey Yeliseyev
X–Infotech Owner, Business Development Director, Government eID solutions

Indeed Identity is the company of professionals in the field of information security. They provide top-level solutions for PKI management and access control to corporate resources. We recommend this company as a reliable partner.