When licensing a new solution, vendors, system integrators, MSPs, and value-added resellers (VARs) will almost always insist on professional services in order to make the solution successful. The time they spend helping install, configure, and document the implementation can make the difference between a successful project and shelfware.
However, the delivery method for professional services depends on the solution, environment, access, and expertise required to deliver the solution. Sometimes it requires staff onsite, or travel to multiple locations. In other instances, the entirety of professional services may be provided via access from a remote location.
Most organizations prefer the remote access option because it typically saves significantly in terms of travel and entertainment (T&E) costs. However, there are also other risks to consider with remote access, which exposes internal resources externally in the course of performing the work. This is where BeyondTrust’s secure remote access technology can help contractors, professional services, and even remote help desk personnel engaged in these activities.
For starters, BeyondTrust Privileged Remote Access is designed to manage and audit vendor and internal remote privileged access without the need for a dedicated VPN solution, or to provide third parties access to your VPN software. Let me briefly articulate how the BeyondTrust solution works, and why it can help you address remote access use cases more securely and thoroughly than other solutions you may encounter.
The BeyondTrust solution enables organizations to extend access via a web browser or dedicated client. The BeyondTrust privileged remote access appliance can be hosted on premise or in the BeyondTrust cloud hosted by AWS, and is SOC II compliant. The solution provides secure access, with a dedicated cloud tenant, and advanced integration into privileged access management (PAM) solutions to ensure credentials are never known or exposed to the end user. This significantly lowers the risk from third-party access to the organizations since a contractor or vendor never knows the credentials used to authenticate to a resource. Because of this design and the encryption, organizations can confidently extend remote access to sensitive systems, while benefiting from robust protections against lateral movement, session hijacking, and man in the middle attacks.
So, how do BeyondTrust secure remote access solutions save your organization money, while also lowering third-party remote access risks?
- Systems that previously required an onsite presence for professional services can now be securely accessed remotely, lowering costs.
- There is no need to enable RDP or SSH to securely access resources when a dedicated Jump Client is installed, lowering the risk for inappropriate session access.
- When used with BeyondTrust Password Safe, the end user benefits from credential injection technology to automatically logon to a host without credential exposure. This reduces cyber risk by not exposing any internal credentials to third parties.
- Support for 2FA or MFA technology to ensure all session usage is appropriate.
- The end user does not need a dedicated client for remote access. All remote sessions are supported in any modern browser, limiting the need for potentially insecure tool access.
- No protocol or port tunneling is required from the end user to the resource, lowering the risk of service and application-based vulnerabilities.
- Additional VPN licenses, dedicated hardware, or corporate issued laptops are not required due to all of the above benefits. This lowers the cost for any remote access deployment and supporting use cases.
The next time your organization is embarking on a project with professional services, an outside contractor, or any third-party vendor, consider BeyondTrust’s secure remote access solutions. With BeyondTrust, you don’t have to make the tradeoffs between security and usability. You can save money on T&E by leveraging cutting-edge remote access technology that lets your contractors, vendors, and remote workers do exactly what they need to do, while staying rigorously protected. Unlike other solutions, BeyondTrust enables you to extend privileged access management best practices beyond the perimeter.
You can also leverage BeyondTrust solutions to address advanced vendor access security use cases for managed service providers (MSPs) to ensure that your MSP’s access does not become a liability for you, as was the case with the recent Wipro breach.
For more information on how BeyondTrust can enable you to address your secure remote access needs, contact us today.
Morey J. Haber, Chief Technology Officer and Chief Information Security Officer at BeyondTrust
Morey J. Haber is Chief Technology Officer and Chief Information Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four Apress books: Privileged Attack Vectors (2 Editions), Asset Attack Vectors, and Identity Attack Vectors. In 2018, Bomgar acquired BeyondTrust and retained the BeyondTrust name. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. Morey currently oversees BeyondTrust strategy for privileged access management and remote access solutions. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.