top of page
Woman working from home

In the home office, remotely
and mobile, highly secure work 

The following example is a city administration in Germany. The example can of course be applied to any company, association, insurance company, organization... that requires home and mobile workstations with maximum security and wants to reduce costs, implementation time and administration effort. 

 

Requirement and problem

The city administration would like to set up home and mobile workstations for its employees. All tested solutions required high investments, waiting times and immense administrative effort when setting up home PCs and installing the necessary VPN servers or secure gateways, as well as setting up a terminal or Citrix server. In order to provide all employees with secure home PCs that also meet legal requirements, the only option left was to provide hardened notebooks for each home office.

The evaluation of the possible solutions resulted in enormous effort combined with high costs for the purchase and installation of a new server infrastructure, licenses and notebooks. Even if a large budget were spent on this, it was not possible to introduce a quick and satisfactory solution in the foreseeable future using traditional technologies. Integration into existing structures would also not be possible without risky compromises. 

Conventional concepts are based on today's technology and consist of a VPN server, one or, better, several terminal servers, Citrix servers and storefront clients. Purchasing and putting it into operation would be costly and time-consuming.

Using the existing client infrastructure solutions such as TeamViewer, which already involved high license costs, was out of the question simply because of major security concerns. For example, a TeamViewer client installed on the home PC keeps access to the network open and waits for a connection from the Internet. This enables all Internet participants to control the communication port that is open to the outside and use it to attack the PC and the network. Working remotely on an office PC via a TeamViewer connection via a home PC is equally worrying. The work on the employee's home PC can be followed on the monitor of the office PC without much effort. All you have to do is sit down in front of the office PC and turn on the monitor - incompatible with the data protection guidelines. 

 

The solution - sayTRUST VPSC ZeroTrust Client Access

sayTRUST VPSC was able to meet all requirements, eliminate security gaps and problems and present an easy-to-use solution. The installation of the sayTRUST server, the administration software and the instruction were completed in just a few hours. The group work environments, distribution and configuration (including authorizations) were set up centrally using the administration software. The employees then received the blank client access tokens. 

When they were put into operation, these were automatically loaded according to the authorizations of each employee. In this case, the authorization was only limited to the fact that employees could switch on their office PCs from their home PCs and switch them off again after work. Access is via the sayTRUST VPSC tunnel from the encrypted RAM of the home PC. Since all applications were already installed on the office PCs, work could begin immediately in the same, familiar working environment.

The applicable data protection and security requirements were met because the connection from the home PC to the management network was decoupled and isolated, there was no interaction between the home PC and the communication, and no traces remained on the home PC and the communication route. This meant that manipulation or man-in-the-middle attacks were not possible.

The operating and personnel costs have been reduced, license costs have been reduced, and the administration effort has been reducedreduced by 70%, There was no need to purchase hardened laptops, etc. .... 

The advantages are inComparison to conventional systems enormous. The ROI is often only 12 months.

bottom of page