by Shane Henson — September 7, 2011—Facilities managers and other supervisors involved with ensuring telecommuting employees can conduct business securely via their computers may find help from Officescape’s recently enhanced Telesecure Computing solution, which is now supported by Computer Lab International (CLI), the thin client customization specialists.
According to Officescape designers, this security solution and management platform leverages the latest Smart Card as well as thin client technology to provide a secure computing environment suitable for teleworkers. It is designed to adequately address and solve many identity management issues that typically leave organizations vulnerable to costly intrusions and data insecurity when supporting users outside of their corporate firewalls.
The updated solution adds another layer of security to a typical secure VPN connection. Use of Officescape’s FIPS-compliant Smart Card and TelOffice Box allows for password encryption even prior to establishing a VPN connection, mitigating many of the risks associated with traditional VPN login over WAN. Identity management and access control are also addressed by requiring two-factor authentication (NIST SP 800-46), in the form of a physical token (Smart Card) and logical token (password or biometric) before allowing access to servers.
This two-factor authentication reportedly eliminates the risk of “virtual fishing” for login credentials because, without the Smart Card present, there is simply no way to attempt access. Officescape’s Smart Card includes an encrypted certificate, secure 3DES key and bad password counter file, which prevent tampering in the event the card is lost or stolen.
In addition to the security benefits, Officescape’s updated Telesecure Computing solution can also simplify the login experience for remote workers. During the development process, Officescape works with its clients to custom-build startup files and a login process, which launch desired software programs such as VPN, and embeds them onto each Smart Card. Once the initial process is complete, provisioning and rights modification of the Smart Cards can be done by any authorized administrator.
