Any web application or website exposed to the Internet is susceptible to attacks. In many cases companies have no choice but to expose these web applications to the internet, so that employees, remote workers and partners can access them.
In most companies, internal web applications are placed behind a firewall to isolate them from the internet. This firewall needs to allow legitimate users to the web application, so rules are created for this to happen. Poor setup, bad configuration and new exploits in firewall firmware and software mean that many firewalls do not work as intended and web applications are exposed to the internet with the subsequent security risk that this entails. Due to the complexity of maintaining the firewall, some companies don’t bother with them at all and choose convenience over security.
New vulnerabilities are detected and published each day. This can affect the software that runs on the exposed servers and automatically poses a risk to the security of all information and corporate infrastructure.
One solution to this problem is to completely isolate internal web applications and create a VPN that allows users to access from outside the internal network. Unfortunately, this is a complex and difficult to maintain system.
SecureAccess® CLOUD is a cloud-based access control service. It provides an additional layer of security to Internet facing web applications.
To tackle this problem, SecureAccess® CLOUD proposes a simple but effective solution that doesn’t involve complex VPN setup and maintenance. It acts as an access control layer between corporate web applications and the internet.
Users can not access the final web application without first going through the process of validating their credentials in SecureAccess® CLOUD. If users cannot pass the validation, they will be unable to access the web application and attackers will be unable exploit any vulnerabilities in the web application.
Placing SecureAccess® CLOUD between end users and your servers brings multiple security features that are distributed in a configurable multi-layer architecture. These features are distributed in three layers: Security Services, Authentication and Authorization.
Each one of the contain several modules that can be enabled to obtain the level of security required for each protected web application.
SecureAccess® CLOUD can integrate every type of web application: from project management tools, corporative wikis, CRM / Intranet, to error-monitoring systems and panel administrations for any type of network. Moreover, SecureAccess® CLOUD does not require installation of additional software or complex configurations.
SecureAccess® CLOUD further enhances security with double factor authentication, introducing its own phone application: SecureAccess® 2FA. It prevents the access of non-legitimate users to the corporate web applications. It offers a full access control service without the need for extra authentication providers.
SecureAccess® CLOUD allows organisations to protect their web applications simply and cost effectively whilst ensuring scalability and granularity in access control. All this is managed from a simple intuitive configuration panel and with data visualisation of the use of the platform.
SecureAccess® CLOUD integrates a WAF that follows a set of configurable rules to allow genuine requests to pass and blocks malicious requests from reaching the final web applications.
SecureAccess® CLOUD encrypts all traffic without affecting the company’s performance or connection speed.
SecureAccess® CLOUD generates HTTPS certificates for free and offers the possibility to install your own certificates through the administration panel.