Johannesburg, 14 Apr 2015
There are many pros and cons for VPN and terminal services solutions. They are aimed at corporate-owned devices offering access to the network and systems. However, they also provide access to the entire network, and the Internet, which some users utilise for their own personal use, prompting security concerns.
To protect the company network and business data, a comprehensive security stack is usually required, including VPN, hard disk encryption, endpoint control, network access control, patch management, 2FA and more, which is both costly to purchase and to manage. High end, expensive laptops are also often required in order to run the security components at an acceptable performance level for the user.
* What if you don't have company laptops for all the staff and users who wish to work from an "untrusted" device such as a home PC or Internet caf'e?
* What if you require contractors and partners to access certain resources from their own PC?
* What if you need to reduce the cost of providing remote access?
In the new world of BYOD, flexible working and unmanaged PC usage, there are new challenges to overcome, which prompts the question - is a VPN solution the right approach?
Requirement for IT
* Flexible - support for a range of use cases including RDP, VDI, Citrix, Web Apps access.
* Easy to manage - work consistently across diverse platforms and OS versions.
* Secure - must protect business data from data loss and the corporate network from malware.
"IT does not feel comfortable offering VPN access to unmanaged and or privately-owned PCs and laptops for staff and external consultants, as this creates significant risk of data leakage and network compromise," says Sean Glansbeek, Managing Director of Seven Days Technologies.
While it is possible to install security components onto the unmanaged PCs, this can be difficult to maintain when there are so many different PC variants to support and the machines are remote.
The requirement for the user
* Non-intrusive - doesn't want the personal PC to be overloaded with security controls or the risk that personal usage may be monitored or restricted.
* Simple - doesn't want to remember URLs, or have to sign into multiple systems or become an expert in installing or patching company software.
* Consistent - must support the user's PC, whether Windows or Mac, regardless of OS version.
Solutions offered by a company called Excitor enable secure usage of private or company-owned mobile phones, tablets and PCs or laptops.
The Excitor G/On bootable USB stick is one of those solutions
* Consistent, easy to manage - boots PC/Mac into a known OS, providing consistency for users and a known desktop for IT to manage.
* Secure - disables hard drive, preventing data loss and vulnerability to malware from home PC.
* Simple, non-intrusive - insert USB and boot PC for work. Remove USB and boot PC for unrestricted home PC usage.
* Flexible, simple - Sign in to G/On once for single sign-on to all business applications through a simple menu.
* Value, savings - no need to purchase company laptops or VPN and works with low-cost/older PCs.
* Compliant - provides users with virtual application access, not direct network access. Ideal solution for staff, partners and contractors. No trace left on device, no data leaves the network.
Excitor G/On creates a protected connection between a client proxy and a server proxy that isolates the PC from the network, ensuring all data stays inside the company network.
"Organisations can now offer both staff and external parties controlled access only to applications and data for which they are authorised, rather than access to the network. Organisations can also reduce their security requirements on unmanaged devices as there is no data leakage and no need to maintain additional security software," concludes Glansbeek.
Share