Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cloud
    • Cloud
    • IT Management
    • Networking

    How SecureLink Eliminates Remote Access Security Woes

    By
    FRANK OHLHORST
    -
    April 10, 2020
    Share
    Facebook
    Twitter
    Linkedin
      SecureLink.logo

      The COVID-19 pandemic has driven the remote access market to new heights. More and more enterprises are seeking secure ways to support remote contractors, temporary workers and other partners. However, most are finding that traditional VPN technology may not be up to the job of offering the security, performance and granular control needed.

      Simply put, cybersecurity hygiene may become a victim of improved bacterial hygiene. Austin, Texas-based SecureLink is aiming to re-establish cybersecurity hygiene with SecureLink For Enterprises, It’s a platform-based approach to securing remote connections while eliminating the potential security issues of VPNs.

      The Problem With VPNs

      VPN technology has recently come under fire as a security solution that can be compromised. VPNs tend to give full access to a connected network, making them a pathway for lateral attacks. That is simply because VPNs often lack critical abilities, such as zero-trust access and privilege control; they also are often deployed as stand-alone solutions without integration into other security products or platforms deployed on the network.

      It’s those issues that have led to some serious network intrusions and breaches, especially those predicted by stolen credentials. According to a Verizon report, 69% of network intrusions were perpetrated by outsiders, making many wonder how many of those intrusions were caused by someone carelessly sharing VPN log-on information. With the sudden growth of remote access needs driven by COVID-19 and other concerns, enterprises may need to look beyond the traditional VPN to ensure that offering remote access to vendors, contractors, employees, temporary workers and other partners remains secure.

      SecureLink Changes the Remote Access Paradigm

      With VPNs failing to fully protect enterprises, SecureLink has developed a different way to secure remote connections from third-party vendors, contractors and others who may need controlled access with SecureLink for Enterprises, a platform that brings authentication, access control and full auditing to remote connections. Where SecureLink really shines is with the concept of vendor-privileged access management (VPAM), an ideology that pairs privileges specifically with the third-party user and takes into account defined policies. In other words, privileges can be assigned or revoked based on more than just the user’s identity, but also on other factors, such as location, time and date definitions, work hours and so forth.

      Privileges can also be assigned for a specific time frame, meaning that privileges can automatically be revoked when a project end date occurs. All of these are critical considerations when it comes to allowing external access to the internal network. These are concerns that would have prevented the all-too-famous Target breach of 2013, which was attributed to failing to properly secure access to Target’s systems by an external HVAC contractor.

      Further bolstering the VPAM ideology is the concept of least privileged access (LPA), where by default, permissions are limited until granted, and then permissions are only given to the applications and resources that the remote user must have. LPA prevents the accidental granting of more privileges to a remote user than they actually need. Full auditing further rounds out the remote security paradigm by tracking all remote user activities.

      File transfers, services accessed and commands entered are all logged, which helps with both compliance and security forensics. Desktop sharing and RDP sessions can also be recorded for future analysis if needed. Other capabilities include multifactor authentication, real-time monitoring and audit reporting, all of which contribute to the overall security hygiene of remote access.

      A Closer Look at the SecureLink Platform

      As mentioned before, SecureLink uses a platform-type model, where an access server is installed at the network edge and configured in the network DMZ. (A DMZ, short for demilitarized zone, is a network [physical or logical] used to connect hosts that provide an interface to an untrusted external network—usually the internet—while keeping the internal, private network—usually the corporate network—separated and isolated from the external network.)

      The SecureLink Server routes traffic through a lightweight client that functions as the gateway for approved network access. The server-side software can be integrated into directory services, PAM providers, LDAP and several other identity-management and policy-enforcement engines, allowing SecureLink adopters to leverage existing technologies to minimize any disruption to internal users, while also extending the same style of access to remote users.

      The SecureLink platform itself was born as a way to control and secure access from external vendors or contractors. Perhaps the perfect explanation for that type of cybersecurity focus comes from that Target breach—where the credentials from an air-conditioning contractor were used to conduct a lateral attack across the network and compromise numerous systems.

      SecureLink recognized the problem presented by non-employee access into critical systems and developed the platform to prevent intrusions like those that plagued Target and numerous other organizations in the years following. Lateral attacks over remote connections are still occurring, with Microsoft reporting that as many as 280 million Microsoft customer records were exposed in January 2020, and the makeup company Estee Lauder reported that 440 million customer records were exposed the following month.

      SecureLink has embraced the core ideology to eliminate the possibility of a lateral attack, limit the privileges of anyone entering the network remotely and incorporate numerous policy controls, along with a zero-trust ideology. The result is a platform that offers security, combined with user validation, full auditing capabilities and automation to reduce the administrative load.

      With the level of different integrations available, plus the overall configurability of the system, looking at the server side of the product from a deployment standpoint proves to be much more than can be covered in the typical product review. That said, the product was tested in a preconfigured environment with the server already supporting a typical network from the edge, with a few preselected cloud and local applications.

      The testing focused on the capabilities offered by the platform once installed, such as secure access, policy definition and overall management, as well as the end user experience.

      Hands On With SecureLink for Enterprises

      Platform management proves to be very straightforward. Administrators are able to quickly define default rights, policies and account enablement workflow. The system uses a browser-based dashboard, which proves intuitive to most any administrator.

      The administrator is able to define what applications are available and control remote users’ access to certain services, such as RDP and file transfer. The admin can also define time limits, set up access expiration dates and so forth. Administrators can also define workflows, allowing a user to request access and then have that request emailed on to someone assigned the task of approval, who then can grant access to the remote user. The platform can be further integrated into a CRM system, which can also be used to prompt those requesting access for additional information, such as the reason for access and other administrator-defined fields.

      For those remotely accessing the system, everything takes place via a browser—the remote user simply enters the URL to the SecureLink server and then fills out forms for requesting access or just logs in if access has been approved. Although the design was originally built around remote vendor or contractor access, it works perfectly fine for a traditional remote user as well. In other words, the platform has the ability to bring simplified and secure remote access to those working from home or from any other location, as long as they have reliable internet access.

      Once authenticated, remote users will have access to the applications that they have been granted privileges for. Remote workers will find the support for RDP rather handy, allowing them to take control of their desktop located in the office to work on it as if they were physically there. What’s more, remote administrators will also be able to leverage RDP sessions to access servers or troubleshoot desktop PCs for end users.

      For those concerned with compliance and, more specifically, the auditing requirements around compliance, the platform provides plenty of tools to ease those chores. All activity is recorded and is fully auditable. The system also offers reports that lend additional forensic information to the auditing process.

      Conclusions

      SecureLink does an excellent job of resolving the common problems that VPNs present to enterprises today. Unified management, as well as privilege and policy definition, returns control back to administrators wanting to properly secure their networks for remote access tasks.

      Integrated auditing and the ability to connect to third-party security solutions and cloud services help to make SecureLink a real consideration for those seeking to secure remote connections, while also maintaining control over all remote access sessions using policies and preventing privilege creep that could lead to lateral attacks.

      What’s more, the access paradigm proves to be easier for remote users than traditional VPNs, while those concerned with compliance will have all of the necessary metadata to make their reporting chores much easier.

      Basic Pricing Info

      SecureLink offers an all-in-one subscription pricing model. Implementation, training, support and technical maintenance are all included. Unlike most software licensing, the subscription price is all you pay and gives organizations predictability in their investment and eliminates hidden costs for services or add-on capabilities. The price is based on the number of unique vendors (not users) connecting through the system and starts at $500 per vendor per year. Typically, organizations have little control over the number of users their vendors may need, so this approach elicits more certainty and control than a traditional user-based licensing model.

      Frank Ohlhorst is a veteran IT product reviewer and analyst who has been an eWEEK regular for many years.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×