There company had an existing remote access solution in use by the remote users. While the company was in process of planning for an expansion, an increased opex cost and the risk for a data breach with the existing remote access solution were identified. The following two sections detail how that was addressed.
Approach Explanation
The technical approach selected was selected based on the ability to mitigating two different issues with a single solution. The first issue is eliminating the possibility of PII, PHI or sensitive corporate data from ending up on the remote computing devices. The second issue is to remove the need for a full network vpn access to the corporate data center. In using standard security engineering practices, both…show more content… The client authentication ensures that only approved clients will have access to the corporate services remotely. This is accomplished via the pki infrastructure where certificates from the internal certificate authority will be installed on each device that will have authorized access to the services.
For authorized devices, users will be provided access to the corporate applications via strong authentication using the existing multi-factor OTP environment. This helps protect the user account against common vulnerabilities that could be executed on a malware infected computer.
Application service delivery will be accomplished via encrypted protocols using https as the transport mechanism. Authenticated users are able to access the environment via the encrypted protocol providing for secure service delivery to the remote client computer.
And finally after the client has been authenticated, the user has been authenticated, the user has been authorized and the secure sessions have been established, the user can consume the business application services to perform their normal business…show more content… Internal IT services were then used for the installation, deployment and configuration of the new solution. The IT services team mounted the Citrix Netscalers in the data center and made the appropriate network connections. The IT services virtualization/Citrix specialists were responsible for the deployment of the four Windows 2012r2 servers in the existing VMWare environment. The virtualization/Citrix specialists were also responsible for engaging Citrix services for assistance in configuring the NetScalers with the recommended settings. As the specialists also maintain and manage the existing Citrix environment, they then provided the services and expertise necessary to configure the four new additional servers into the Citrix
