When licensing a new solution, vendors, system integrators, MSPs, and value-added resellers (VARs) will almost always insist on professional services in order to make the solution successful. The time they spend helping install, configure, and document the implementation can make the difference between a successful project and shelfware.
However, the delivery method for professional services depends on the solution, environment, access, and expertise required to deliver the solution. Sometimes it requires staff onsite, or travel to multiple locations. In other instances, the entirety of professional services may be provided via access from a remote location.
Most organizations prefer the remote access option because it typically saves significantly in terms of travel and entertainment (T&E) costs. However, there are also other risks to consider with remote access, which exposes internal resources externally in the course of performing the work. This is where BeyondTrust’s secure remote access technology can help contractors, professional services, and even remote help desk personnel engaged in these activities.
For starters, BeyondTrust Privileged Remote Access is designed to manage and audit vendor and internal remote privileged access without the need for a dedicated VPN solution, or to provide third parties access to your VPN software. Let me briefly articulate how the BeyondTrust solution works, and why it can help you address remote access use cases more securely and thoroughly than other solutions you may encounter.
The BeyondTrust solution enables organizations to extend access via a web browser or dedicated client. The BeyondTrust privileged remote access appliance can be hosted on premise or in the BeyondTrust cloud hosted by AWS, and is SOC II compliant. The solution provides secure access, with a dedicated cloud tenant, and advanced integration into privileged access management (PAM) solutions to ensure credentials are never known or exposed to the end user. This significantly lowers the risk from third-party access to the organizations since a contractor or vendor never knows the credentials used to authenticate to a resource. Because of this design and the encryption, organizations can confidently extend remote access to sensitive systems, while benefiting from robust protections against lateral movement, session hijacking, and man in the middle attacks.
So, how do BeyondTrust secure remote access solutions save your organization money, while also lowering third-party remote access risks?
- Systems that previously required an onsite presence for professional services can now be securely accessed remotely, lowering costs.
- There is no need to enable RDP or SSH to securely access resources when a dedicated Jump Client is installed, lowering the risk for inappropriate session access.
- When used with BeyondTrust Password Safe, the end user benefits from credential injection technology to automatically logon to a host without credential exposure. This reduces cyber risk by not exposing any internal credentials to third parties.
- Support for 2FA or MFA technology to ensure all session usage is appropriate.
- The end user does not need a dedicated client for remote access. All remote sessions are supported in any modern browser, limiting the need for potentially insecure tool access.
- No protocol or port tunneling is required from the end user to the resource, lowering the risk of service and application-based vulnerabilities.
- Additional VPN licenses, dedicated hardware, or corporate issued laptops are not required due to all of the above benefits. This lowers the cost for any remote access deployment and supporting use cases.
The next time your organization is embarking on a project with professional services, an outside contractor, or any third-party vendor, consider BeyondTrust’s secure remote access solutions. With BeyondTrust, you don’t have to make the tradeoffs between security and usability. You can save money on T&E by leveraging cutting-edge remote access technology that lets your contractors, vendors, and remote workers do exactly what they need to do, while staying rigorously protected. Unlike other solutions, BeyondTrust enables you to extend privileged access management best practices beyond the perimeter.
You can also leverage BeyondTrust solutions to address advanced vendor access security use cases for managed service providers (MSPs) to ensure that your MSP’s access does not become a liability for you, as was the case with the recent Wipro breach.
For more information on how BeyondTrust can enable you to address your secure remote access needs, contact us today.
Morey J. Haber, Chief Security Officer, BeyondTrust
Morey J. Haber is the Chief Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored three books: Privileged Attack Vectors, Asset Attack Vectors, and Identity Attack Vectors. He is a founding member of the industry group Transparency in Cyber, and in 2020 was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board. Morey currently oversees BeyondTrust security and governance for corporate and cloud based solutions and regularly consults for global periodicals and media. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition where he served as a Product Owner and Solutions Engineer since 2004. Prior to eEye, he was Beta Development Manager for Computer Associates, Inc. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.
