Ironsphere: Privileged Access Management for Remote Workers, Employee and Contractor
By: Sean Miller
The Ironsphere team hopes you and your teams are staying safe and healthy by following the guidance and legislation associated with the COVID-19 Coronavirus pandemic and enabling as many as possible to work productively and securely from home.
As the threat of COVID-19 continues to spread, one of the most important precautionary health measures, “social distancing,” emerges as a new cybersecurity challenge, especially when it comes to accessing highly sensitive and confidential information, or mission critical networks, clouds, applications and services.
Telecommuting is becoming the new normal, so investments made in bolstering security through proven, scalable Privileged Access Management (PAM) systems will pay off in the short and long term.
As organizations scramble to ensure business continuity, cybercriminals are taking advantage of vulnerable businesses and government agencies; using the right remote access tools is vital for cybersecurity, as threat actors commonly target unsecured remote access methods to find the initial gap in network security.
Since privileged accounts have full access and manage the most valuable organization assets, IT teams must be more proactive about preventing any disruption and identity vulnerability, while they are enabling privileged remote access for any remote users, including employees, third-party vendors and contractors.
Here are Our Top 5 Best Practices for Secure and Efficient Remote Work
- System credentials are the sweet spot for hackers to gain full control over critical systems, and 80% of data breaches start with capturing system/admin credentials. Providing employees with one-click, zero-install access to systems/apps without any system credential exposure eliminates the biggest risk.
- Allow remote access strictly with Two-Factor Authentication to eliminate the risk of personal account theft, considering employees may be trying to access the organization’s resources from a public Wi-Fi or unsecure network.
- Before employees access the organization’s mission critical systems, ensure a strong level of trust is established by implementing additional controls like managerial approval or geo-location.
- Reduce the attack surface by limiting employee access to systems that are essential for them to perform their legitimate business operations.
- Make sure all session logs, activity logs and session video records are available for audit and forensic purposes.
To help IT organizations address these challenges, mitigate the security risk and reduce the operational complexity of remote access, Ironsphere is offering the fastest-to- deploy and only transversal PAM platform in the market.
Unlike agent-based traditional PAM solutions, Ironsphere combines PAM features with built-in multi-factor authentication, single sign-on access, AAA server functions and database firewall capabilities in an agentless, vendor agnostic and proxy-based end-to-end platform. In addition to standard access methods, we also provide remote virtual desktop or remote console access directly from any web browser, without any prior application or plugin installation.
We’re here to help organizations like yours quickly and affordably strengthen your security posture, by ensuring only the appropriate people access only the necessary systems and data they need, to continue “business as usual” even in the most uncertain times.
Please let us know if you’re interested in a quick demo, and in the meantime, stay safe and stay healthy in the weeks and months ahead.
We have all found ourselves in a different world of work given the events that have defined 2020, and few professionals are feeling the pressure more than IT and OT teams.
Just as cyber risks evolve, the evolution of risk appetite frameworks is more active than ever. With more sophisticated adversaries, more digital transformation initiatives, more mobile works, ecosystem partnerships and connectivity to multiple clouds and services, enlightened management teams and their boards are updating their levels of “risk tolerance.”
Two-factor authentication has been around for decades – requiring an additional step between entering a username and password, for example, then entering a one-time security code sent to a mobile device – to access applications, systems and data.