Delivering remote zero-trust network access to IT and DevOps teams

hand reaching towards a cloud of light visualising a global network

The demise of the office was a popular talking point during the pandemic, and although it never quite came to pass, the central workplace we left in early 2020 isn’t the same today. For starters, not everybody came back. Remote work turned into a permanent deal for many, and this has forced companies to rethink the way their employees collaborate.

Within this cultural shift, however, a subset of workers are often forgotten – the IT team that maintains the technology which allows for hybrid offices. These professionals keep your device clean and connected no matter where you are, and they do so with remote access software from providers like Keeper Security.

Before the pandemic introduced more of us to remote working, virtual private networks (VPNs) were the go-to solution for remote workers. VPNs were fine when only a very small number of people worked remotely, but when the entire world shifted to distributed work, the limits of VPNs quickly became apparent. In addition to being expensive, sluggish, difficult to scale and complicated to use, the majority of VPNs don’t support modern zero-trust network access (ZTNA), which is key for securing today’s distributed data environments and workforces.

As an alternative, remote desktop gateway software provides organisations with fast, scalable and zero-trust remote access to IT infrastructure, with features such as least-privilege access, role-based access control (RBAC) and multi-factor authentication (MFA).

Use cases for remote desktop gateways

Remote desktop gateways work by capturing control of a remote device’s screen, mouse and keyboard controls and transmitting them to another computer, where a user can view and use the remote machine as if they were sitting right in front of it.

The most common use cases for remote desktop gateways involve IT and DevOps teams, who must remotely connect to IT infrastructure to perform upgrades, maintenance and troubleshooting. For example, help desk personnel can remotely connect to employees’ machines to find and fix software or operating system problems, security teams can use remote desktop access to investigate potential security incidents and DevOps teams can perform infrastructure monitoring and maintenance.

Non-technical employees can use remote desktop gateway software to transfer files from one computer to another, such as for sales demonstrations, or to print out documents stored on the remote machine. Remote desktop access enables employees to work from anywhere – home, a coffee shop, even abroad – and still access a central work computer to use the work-related programs and files that are stored on it.

Remote workers can also be taught to use their machines in new ways, or have new software demonstrated by a more experienced colleague via remote access. If the main office is looking to keep the organisation compliant with GDPR, for instance, the person in charge of data protection can reach out to all colleagues and remotely demonstrate what constitutes company policy.

The value of zero-trust remote access

Having a workforce spread across a region or an entire country (or internationally) presents a number of security challenges. Compromised credentials were a common attack vector for ransomware attacks prior to the pandemic, and the shift to remote work exacerbated the issue. Remote desktop protocols (RDP) are a major vector for ransomware attacks, as they frequently lack multi-factor authentication.

Without modern zero-trust network access, all cyber criminals need to access the wider network – or remotely tap into an individual device – is a working set of login credentials. Threat actors can crack passwords using a number of different tactics, such as brute-force attacks or password spraying. Your business is literally one compromised password away from a ransomware attack or data breach.

Keeper Security’s Keeper Connection Manager is an agentless, remote desktop gateway that can be installed in any on-premises or cloud environment to provide DevOps and IT teams with effortless, zero-trust access to RDP, SSH, databases and Kubernetes endpoints through a web browser. All users and devices are strongly authenticated before they are permitted to access organisational resources. Once properly authenticated, end users interact with remote desktops via a secure session from their web browser – there are no special plugins or client software to install and maintain.

Keeper Connection Manager enables administrators to provide access through RDP, SSH, VNC, MySQL and other common protocols without having to share credentials with end users. Unlike VPNs, which give every user full, unfettered access to all systems, Keeper Connection Manager’s fine-grained controls enable administrators to provide access to select systems – or just one machine. Access can be revoked at any time, and a robust audit trail identifies when and how the system was used.

Furthermore, all activity in the system is tracked and monitored with complete event logging, reporting and alerts. The zero-trust security model prevents lateral movement through an organisation’s systems unless permitted by the platform’s control and enforcement policies.

The hybrid work model is here to stay – and zero-trust network access is key to supporting and empowering a dispersed workforce. Keeper Connection Manager enables organisations to adopt zero-trust remote access for their distributed workforces, with granular visibility and control across all designated endpoints.

Try Keeper for free today or book a personalised demo to learn more about the best way to protect your organisation from cyber attacks

ITPro

ITPro is a global business technology website providing the latest news, analysis, and business insight for IT decision-makers. Whether it's cyber security, cloud computing, IT infrastructure, or business strategy, we aim to equip leaders with the data they need to make informed IT investments.

For regular updates delivered to your inbox and social feeds, be sure to sign up to our daily newsletter and follow on us LinkedIn and Twitter.