Secure Access from Personal Devices

Now that many of us work from home, are you faced with securing access from personal devices?

Like me, you have likely been shocked by the amount of paper products that people have decided to hoard which has caused shortages and rationing by store owners. Meanwhile, another surprising shortage that may have gone past your notice, unless you are the one responsible for issuing secure and compliant devices for employees working from home, is laptops. Laptops are seeing a 10X surge in orders, and like paper products, there are reports of empty shelves. Due to this increase in demand and a supply shortage, companies are going beyond using just organization owned laptops for work from home, and out of necessity, are allowing personally owned devices to access critical networks and applications.

Organizations permitting personal device usage are putting themselves at risk of data loss, breaches, and fines—like this $3 Million dollar fine? The good news is that adding a solution to ensure secure remote access from personal devices is within reach both budget-wise and timewise.

Here are three common remote access use cases and how to ensure secure access:

1) Access to a virtual desktop infrastructure (VDI) on personal devices -- Before permitting remote access to the desktop or applications, VDI solutions such as VMware Horizon, can consult a compliance checking solution like MetaAccess from OPSWAT. If the device is not secure and compliant based on policies you configure, the VDI solution will block access.

2) Access to SaaS services from personal devices -- Access to SaaS services such as Office 365 or Salesforce can be blocked unless the device being used to access them is compliant. In this case, the authentication relies on a SAML IdP such as Okta, Ping Identity, or Centrify. The authentication mechanism is used to get in the loop to enforce compliance.

3) Access to on-premises or network resources from personal devices. Using a Software Defined Perimeter (SDP), network level access to an application or a network resource can be prevented until the user and device are known to be trustworthy. An SDP is more secure, easier to manage, and deploy than a VPN. Traditional VPNs were not designed with the current level of security and management requirements in mind.

What all three use cases have in common is implementing a method to block access until the device being used is known to be secure and compliant. Moreover, if the device stops being compliant, let’s say the user shuts off their antivirus scanner or turns off their malware scanner, the device will be blocked until returned to compliance. These solutions can guide the end user to self-remediate and obtain compliance

We can’t offer a solution to paper supplies or laptop delivery, but we can solve the security issue. OPSWAT offers a solution to all three of the use cases described above through its MetaAccess and SafeConnect SDP solutions, which can be implemented in hours or days and allows the end user to self-remediate their non-compliance, ensuring ease of use for both IT and the end-user.

Contact OPSWAT to learn more.