Life has changed drastically in many ways after the COVID-19 pandemic. Many businesses adapted to the situation by quickly shifting to remote working to continue with their operations. The new standard for employment is remote work. Companies are bringing out hybrid models to ensure business continuity and employee work-life balance through WFH (Work From Home) options. VPNs are set up to cater to this growing demand for hybrid working where employees can access the corporate network. The challenge, however, is ensuring the high security of remote access because of the following challenges:
Employees cannot be forced to use secure remote connections unless the organization provides them.
Administrators cannot monitor / control who is present in the employees’ homes.
Remote access hardware like modems and routers at home can be vulnerable or compromised.
Proper identification of employees while connecting remotely.
Even after enabling Multi-Factor authentication, cyber-attacks are surging due to this shift in remote working and the inherent challenges of remote access software.
Enabling MFA is a vital part of any remote access security strategy as it can provide better security for remote access of resources. Accessing resources from outside is never a challenge, as many hardware / software based VPNs provide multiple ways to allow users to access corporate data. But there is a critical need to balance security with ease of use. Any system involving carrying external hardware for authentication purposes can be uncomfortable and makes user adoption challenging. Considering many factors CyLock enables MFA for remote access software by leveraging what the user already has and can easily access – their smartphone combined with PIN/ fingerprint making it a convenient experience for employees.
CyLock provides a strong Multi-Factor authentication to remote access software provided by VPN devices or software through RADIUS protocol. CyLock protects logins to SSL VPNs using a variety of authentication methods, including PUSH notification, CR-OTP and software tokens using end users mobile devices. CyLock Authentication Proxy component can be deployed in an on premise server to enable MFA for SSL VPN provided by firewall devices or software based VPNs using the RADIUS authentication protocol.
CyLock RADIUS Proxy authenticates the first factors against Active Directory deployed in the on-premise or cloud. But there is a growing need for organizations to authenticate local users who are not part of the Active Directory like external vendors, consultants etc., as they are often left out of MFA policy. This can pose a serious threat to resources in an organization. CyLock allows complete management of local users through its portal, using which administrators can create, update, delete and enable MFA policies for them while accessing SSL VPN thereby mitigating the security risks.
Currently CyLock supports MFA for SSL VPN for the below hardware / software
Meets regulatory compliance requirements for sensitive data protection
Provides assurance on the users accessing your organization’s network
Only valid and verified users can access organization resources through SSL VPN
Enables MFA for every user - be it Active Directory or Local users
Defend against modern threats like phishing, SIM Swap etc.
Ease of integration and deployment