Vijender Yadav, Director & CTO, Propalms Network
Secure remote access is a problem that enterprises have been dealing with for years. A decade ago, it was a right enjoyed by a privileged few: key executives and the sales force.
The majority of deployed use cases have been for branch office connectivity. But ubiquitous high-speed Internet connectivity, coupled with explosive growth in mobile devices, has raised expectations. The emergence of new technologies has also allowed organizations to embrace secure remote access for more use cases.
Meanwhile, new mandates continue to accelerate demand for safe, anytime, anywhere access to corporate networks and services.
Many organizations treat “no remote access” as the best secure remote access strategy, keeping corporate assets secure by avoiding any threat that remote access could introduce. For example, employees are not allowed to work from home or to access data while roaming, which directly affects their productivity and company loyalty. The organizations' concerns about unauthorized access, identity impersonation, endpoint infections and the risk of data leakage are valid, especially when the organization deals with highly confidential data such as financial and health data.
Solving data leakage, unauthorized access and related problems has not been a core focus of legacy remote access solutions. Legacy gear such as IPsec VPN and SSL VPN focuses only on encrypting data in transit, basic user authentication and authorization.
These solutions do not and cannot deal with data security in use and in storage, endpoint security and flexible policy control, which are problems that organizations have to deal with separately when deploying secure remote access.
New-age secure remote access solutions bring several technology enhancements and integrate with other solutions to address new-age security challenges. Organizations also now have independent solutions that help avoid data-leakage issues on unmanaged machines.
Focus on Applications Rather than Network
The new secure remote access solutions focus on providing application access to remote users rather than network access. Access to applications is provided through clientless or plug-in enabled browsers. In the corporate network, deployment of the secure access gateway is simple: policy management is based on users and applications, and there are no complex network routing requirements. A simpler architecture enables organizations to open up their resources with confidence to new users working from managed or unmanaged machines.
Application virtualization and VDI adoption have enabled organizations to move from distributed desktop-based computing to centralized datacenter-based computing. The inherent principle of application virtualization and VDI solutions is to move data and applications to the datacenter and let users work on them remotely. When combined with new-age secure application access gateways, organizations can extend their corporate applications to any user outside the office, be it roaming users, mobile users, field users or partners.
Application virtualization and VDI enable read-only access to client-server and web-based applications, providing a fully secure sandbox environment for users to work in. All data-theft related challenges can be solved with this integrated solution approach.
HTML5: The New Desktop
A secure application gateway integrated with an application virtualization or VDI solution can use HTML5-based browsers to render any Microsoft Windows desktop or client-server application in a browser, enabling true clientless access to any application. This was never possible with legacy secure remote access solutions, which require installation of a full client or a plug-in based portal for access to client-server applications.
HTML5-based access will enable organizations to open up their resources to partners and extranet users who work on unmanaged machines, where installing a client or agent has not been possible.
Endpoint and Mobile Device Management
Organizations are always concerned about devices that connect to corporate resources and can sync and cache data locally for offline access. With the proliferation of mobile and tablet devices, more and more users are accessing corporate applications and data on their personal devices or from unmanaged machines. Mobile device management solutions enable policy-controlled access to corporate applications from mobile devices. The policies can enable application and device profiling, application control, remote data wipe and several others.
The secure remote access gateway includes features to detect endpoint security posture and restrict insecure devices from gaining access.
Different users and different organizations have different access needs. Deploying secure remote access demands more than one solution to address different types of users and use cases. Organizations can start with a single secure remote access gateway and add further solutions as needed to fully secure their deployment and support a variety of users. The newer secure remote access solutions focus on delivering a seamless and secure application access experience and simpler policy control.
Organizations should deploy a secure access gateway that can integrate with solutions such as VDI, application virtualization, MDM and DLP so that all the gaps can be closed.