Case Study: BAR-organisatie
Government Service Organization Chooses Impero for Secure Remote Support
We often read in newspapers that organizations with sensitive information – such as local government agencies – are targets for cyber-crime attacks. The internet makes it easy for anyone to access systems and transfer files to and away from them. With the threat of fines being imposed on organizations who do not protect their data adequately, the BAR-organisatie is pioneering in making certain they have the control they need over access to confidential data.
Until now, external vendors had access to BAR-organisatie’s servers through many different remote control tools. This made it difficult to know who was accessing which devices and what they were doing on them. BAR-organisatie decided to consolidate to one tool that would allow granular control over access to devices and the type of remote actions that can be executed.
Many local government organizations were victims of hacking last year. In accordance with the new Data Protection Act, adopted early in the Netherlands, most of these data leakages were reported. All countries and organizations that serve customers in the EU will need to adhere to the General Data Protection Regulation (GDPR) by the 25th of May 2018.
Henry said, ‘’Ransomware attacks are frequent. Although they have only once penetrated our systems, it did cost two of our people a half-day to restore data and get our systems up and running again.”
Along with the need to implement Multi-Factor Authentication, the BAR-organisatie wanted to log all remote control sessions. With logging and session recording, BAR-organisatie has the information they need to respond in the event of a data breach or audit.
The use of Impero’s Portal and browser-based support console allows BAR-organisatie to manage external vendors’ access to servers for maintenance or troubleshooting without the need to install Impero’s software. Vendors can login from anywhere using the Impero Portal and authenticate with native or existing multi-factor authentication methods. Vendors can also install Impero Connect locally to transfer files which can then be scanned by anti-virus software before being installed on the servers. Firewalls can now be locked down to block all other remote control tools and allow only Impero Connect to pass through its proprietary port.
With Impero the BAR-organisatie can log and record all remote control sessions. Using the on-premise version of Impero’s WebConnect connection service, system engineers can use the full Impero Guest to carry out all types of remote control to maintain or troubleshoot their servers from inside or outside the network. All access is secured with multi-factor authentication, customizable user rights controls, logging and session recording to comply with data protection regulations. It goes without saying that Impero employs the highest levels of data encryption.
The Impero Security Server allows BAR-organisatie to manage user permissions and roles centrally. It integrates with BAR-organisatie’s AD for the first level of authentication and then uses BAR’s own multi-factor authentication.
Why They Chose Impero
Henry knew Impero from the past and remembered that it had worked well. He was attracted by Impero’s new user-friendly portal which looked ideal for use by BAR-organisatie’s external vendors. Impero installed a POC in the BAR-organisatie environment so that they could fully test if the solution would meet their needs. The main reason to choose Impero was that it gives control over who is doing what, where and when on their systems. Other, less secure tools make it easy for people to transfer files to outside the organization.
Henry went on to say, “Now that we have Impero, we can block the use of all other remote control tools in our firewall. With Impero, we can granularly configure to allow those with permission to carry out certain remote activities on specific servers while logging and, if necessary, recording these sessions.”