Working from home is becoming increasingly popular. More and more companies embrace the idea of letting their employees to work remotely.
At Headtechnology we offer various technical solutions and products to help companies to set up a safe process of working from home for their employees. Here we have answers to the most important questions about the working from home safety for professionals.
- Identify and profile all connected devices in real-time
- Restrict network access to unauthorized and uncompliant devices
- Block unauthorized BYOD devices
- Monitor and manage VPN connections
- Automatic device remediation
Forescout CounterACT is a solution that allows to control devices’ access to the corporate network and to enforce compliance policies for devices located inside the company’s local network as well as the remote devices connected via VPN. Network infrastructure integration (switches, routers, wireless access controllers, and VPN concentrators) allows you to block attempts of connections to the restricted resources, to manage switchport VLANs and to access lists, active VPN and wireless network connections.
- Configure remote user access to corporate resources, web applications, and systems via RDP, SSH
- Set up a single-entry point for remote users and contractors
- Follow the zero-trust principle and provide minimal privileges for windows and Linux administrators
- Record and audit user actions in controlled systems
- Organize automatic local accounts management and passwords rotation
Centrify allows you to manage users administrative privileges, to restrict users to whitelisted applications and commands with elevated rights, set up remote access to corporate resources for employees and contractors both for domain and local users eliminating the need to reveal and transfer passwords. It also provides privileged users session monitoring with search mechanism and alerts. The solution also provides a mechanism for automatic user authentication to corporate web applications from a single console.
- Track employee activity during the workflow time (information about activity on the user PC, how much time was spent using an application)
- Track text in sent emails, conversations in messengers (Skype, and so on), opened web pages and requests in search browsers
- Take screenshots of the desktop at a certain time interval or according to a specified task
- Track movement or changes of corporate files, use of removable devices, the printing of corporate documents
- Receive real-time notifications (for example, when visiting prohibited sites, or downloading prohibited applications)
Veriato allows you to track usage of various applications, Internet resources, and time spent for work during the working process by using data collected from clients’ PCs and sending these statistics to the server part located inside the corporate network.
An additional product, Veriato Recon, enables you to add User Behavior Analytics to the functionality (to build user behavior models to detect a potential corporate data leakage, or to reveal non-productive employees) based on data collected from user devices.
- Grant access based on context-sensitive identity
- Implement a secure, encrypted connection between the user and the target system. Make the entire network completely invisible
- Exclude lateral movement in internal networks
- Launch a cloud-based, highly scalable and distributed system
Cyxtera’s AppGate SDP (Software Defined Perimeter) allows organizations to define security policies, making the application and server infrastructure virtually “invisible”, which helps to restrict employees’ access to resources that are not essential for them.
A Software-Defined Perimeter (SDP) architecture is made up of three primary components: a client, a controller, and a gateway. The controller is the brains of the system, acting as a trust broker. The Controller checks context and grants entitlements. The controller and gateway are completely cloaked.
Using Single-Packet Authorization (SPA), the client device sends an access request and authenticates it with the controller. The controller validates credentials and applies access policies based on user, environment, and infrastructure information.
- Place secure file storage in your own infrastructure
- Ensure encryption of data “in rest” and “in motion”
- Leverage integration with existing IT / IS systems: authentication, event management, threat prevention, data leak prevention, etc. (LDAP, MFA, SSO, SIEM, ATP, DLP)
- Provide users with a convenient interface to access a single platform for sharing information
Accellion Kiteworks is designed to protect and control the corporate information exchange within and outside the company’s network. By consolidating secure content communication channels on one secure platform, Accellion provides administrators with full data flow visibility. The encrypted file storage is located within the corporate server, while the solution interface enables a secure access to the required data (according to the configured role model) from anywhere in the network, including a remote location like home.
- Check mobile devices and networks
- Identify the user, authorize mobile applications, detect and eliminate mobile threats
- Get access to resources within the company’s corporate network using a secure network connection
- Apply security policies to check the device status before granting a remote access
MobileIron Unified Endpoint Management (UEM) platform improves data security by taking more information signals into account before granting access to business resources. It validates the device, establishes user context, checks app authorization, verifies the network, and detects and mitigates threats before allowing access to critical resources. The solution provides a foundation for the industry’s first mobile-centric, zero-trust enterprise security framework, enabling technologies such as zero sign-on (ZSO) user and device authentication, and multi-factor authentication (MFA). It protects corporate data on the device itself, on the cloud, or during the information transmission.
- Improve communication between the teams
- Create faster and easier information exchange
- Implement strong data protection and security
- Organize professional administration and compliance structure
- Set up an alert function for communication in crisis or emergency
- Empower a Large Mobile Workforce
- Start a comprehensive integration in the IT system
Teamwire is a fast, intuitive, and secure corporate messenger, which solves the “WhatsApp for business” issue, increases productivity, and improves team communication. Users can send one to one and group messages, exchange photos, videos, voice messages, locations, calendar dates, files and much more. Teamwire fully complies with European data protection regulations and the GDPR and it is a completely encrypted solution. The server’s components can be installed in the cloud, a private cloud or it can be done as a fully on-premise option. You can use a client’s web application or install the agent on iOS, Android, Windows, MacOS and Linux.
- Implement user-friendly software for remote computer management
- To build-in utilities such as a chat, a file transfer, and a screenshot utility.
- Supports remote desktop connection to Windows, Linux, and Mac OS X systems
- Enable remote restart of computers, start/stop services and processes, copy/delete files, view and clear system event logs, and other remote functions.
Dameware Remote Support designed to troubleshoot Windows computers without having to initiate remote control sessions. The built-in system tools and remote administration functions of Dameware Remote Support can be used to access reboot systems, start/stop services and processes, copy/delete files, view and clear event logs, and more on the remote computers.
- Define a single authentication server with a centralized management system for all corporate resources (one installation solves many tasks at once)
- Launch a quick deployment (software installer or virtual application) on Windows / Linux / VMware / MS Hyber-V platforms
- Prepare configurable plugins for the most important services (OWA, VPN, ADFS, Citrix, SalesForce, etc.)
- Create a client agent for Windows workstations and terminal access and integration with LDAP
- Diversify security levels for various user groups (mobile and hardware authenticators, passcode and biometric protection, real-time protection of the mobile application from cyber-attacks, etc.) — control over budget expenditures
OneSpan Data Security, the world’s leader in strong authentication technology, which makes banking security available for the corporate market, eliminating risks of an unauthorized network, applications and data access. OneSpan DIGIPASS can be used to securely log on to the corporate network, as well as log on to Windows, Outlook Web Access, and Citrix.
- Integrate corporate mobile apps into existing infrastructure (Active Directory)
- Use certificates for strong secure authentication
- Integrate with a third-party UEM solution to simplify configuration on the end-user device
Hypergate Authenticator delivers a seamless and secure Single Sign On solution integrating directly with Active Directory. It enables your employees to access company resources on their Android and iOS smartphones as they do on a computer.
Hypergate brings out of the box compatibility with EMM solutions like MobileIron, Microsoft Intune, VMware Workspace ONE® UEM powered by AirWatch, SOTI MobileControl® or BlackBerry® UEM. It is entirely configurable through managed configurations, which can be easily edited in your UEM backend. No additional steps are required to set up the Kerberos authentication for end-user. You can provide secure access to KCD through UEM-solution, like MobileIron Tunnel.
Implement entirely password-free authentication with certificates.
- Remote control over the cloud with a simple Internet connection
- Make multiple connections to the same device for direct access to unused computers
- Support multiple screens for expanding technical support capabilities by demonstrating whiteboards, audio, and video with the ability to view the technical support employee’s screen
- Support terminal servers for troubleshooting and remote session management without a VPN connection
- Share files between the host and slave computers
- Continued availability to use with a Windows PC, Mac, iOS or Android devices
- Set up a system, multilingual reporting function with support for corporate identity, as well as functional requirements and corporate safety standards
The Matrix42 Remote Control module allows the support department to assist users using remote access at any time, as they can access the system in a matter of seconds even if it is protected by a Firewall.