Secure remote access to the information system

Grant totally secured access to your information system

Control remote access to the information system

When referring to an information system, access control refers to the various technologies that secure external or internal access to that system.

ANSSI, the French national digital security authority, has published a paper called “Guideline for a healthy information system in 42 measures”, which details 42 measures that should be implemented to strengthen the security of an information system. Among these measures, ANSSI describes solutions that should be implemented to control access to the information system:

Have named accounts

Access accounts for the information system must be named and not generic

Assign rights properly

Ensure that rights to sensitive resources on the information system have been properly assigned

Control access to the information system

Strictly control access to the information system by ensuring that only authenticated users are duly authorized

Regularly review the rights

Strictly control access to the information system by ensuring that only authenticated users are duly authorized

 

Discover IPdiva Secure, an access control solution for the information system

Multi-factor authentication or strong authentication (SSO)

Among the measures to be implemented to control remote access to the information system, ANSSI recommends prioritizing, where possible, strong authentication, that is, multi-factor authentication that uses at least two different authentication factors from the following:
- Something the user knows (password, signature);
- Something the user has (smart card, magnetic card, RFID, smartphone to receive an SMS code);
- Something that the user is (biometric fingerprint).

In order to guarantee a higher level of security, ANSSI recommends the use of smart cards or, failing this, one-time password mechanisms (OTP) with a physical token.

Discover Avencis SSOX, an access control and unified strong authentication (SSO) solution

Monitoring privileged users or Privileged Access Management (PAM)

A privileged user is a user who has special rights to access critical resources in the information system and to act on those resources. This often includes "administrative rights" assigned to internal employees or external service providers, who use them to work remotely on the information system, for example to carry out maintenance or migration operations.

For many organizations, privileged access to their information system has long been an Achilles’ heel. It can be difficult for an IT manager to control who is doing what on the information system, and to ensure the complete security of the privileged accounts held by internal employees, partners, or suppliers.

Thus, solutions for monitoring privileged users – also referred to as Privileged Access Management (PAM) – make it possible to guarantee the security of these privileged accesses in real time:

Recording sessions

Recording of privileged users’ sessions and viewing these sessions in video format

Real-time detection

Real-time detection of abnormal or suspicious behavior

Programming protective actions

Automating protective actions that stop malicious users

Traceability of actions taken

Traceability of privileged users’ actions in order to be able to identify both the actions carried out and the person responsible for them

Contain cyber threats

Intrusion detection as soon as suspicious behavior is identified, and not when the damage has eventually been noticed

Discover IPdiva Safe, a Privileged Access Management solution

Want to know more about securing all remote access and monitoring privileged users?