sb-au logo
Story image

Interview: ManageEngine's VP says legacy remote solutions aren't cutting it

We’ve all heard about the risks that come with working remotely. The primary security concern facing organisations during the COVID-19 pandemic seems to be employees logging in to a company-wide internal system remotely.

VPN’s have been the industry-standard antidote to potential lapses in cybersecurity posed by remote connection, but as technology advances, and cyber attack strategies with it, some security experts believe VPN’s just aren’t cutting it anymore.

Techday spoke with ManageEngine vice president Rajesh Ganesan on the company’s solutions to the rapid changes and issues facing workforces around the globe as millions upon millions pack up their offices and work from home.

What’s the security issue with remote working?

Before the situation we’re facing today, people typically worked inside the office premises or inside the data centre. 

They assumed direct physical access to certain systems. It could be a server, database, router or firewall. But because these are sensitive and critical devices, access to these systems will be restricted when people are outside the corporate boundary.

But now with the situation completely turning upside down, companies still have to allow their administrator access to the system, even if that administrator is working remotely.

So, solutions need to be in place for these situations. And that’s where ManageEngine’s Remote Access Plus and Access Manager Plus comes in for customers.

Tell me about Remote Access Plus.

Remote Access Plus gives companies simple remote screen-sharing functionality, and in a situation where everybody is working from home, this becomes very critical.

There are basically two different functions customers can use this for while working remotely.

The first function is for IT support. So if I am a part of an IT support team, and somebody calls me for support, I can directly and remotely gain access into their machine and offer them assistance.

The second practical use for this solution is for people who have left their computers or workstations in the office. This is particularly true for people working in design, they have like big machines that are left back in the office.

When they work from home, they still need access to these systems for them to be productive. And this remote access needs to be enabled. And this is what Remote Access Plus provides.

These are the two important functionalities that remote access plus provides without absolutely no compromising security, having strong authentication and access control restrictions.

Even if you get into the corporate network, you will be able to access only one or two devices that are assigned to you, not all the information in the network.

What about Access Manager Plus?

This solution is more for the administrators working on maintaining and managing IT infrastructure. 

These administrators need remote access to maintain devices like servers, databases, network devices.

Using a simple browser-based user interface, which comes with multi-factor authentication, with one single click they can access any system in the data centre infrastructure remotely.

The solution also has a playback feature, where users can screen-record their session to be played back later. 

We’re offering both Remote Access Plus and Access Manager Plus to IT teams free until July 1 2020.

How do these products compare to a VPN?

VPN’s do not have granular controls and typically have weak authentication. And because of this, employees are still at risk of identity theft and having their session hijacked.

This is where cutting-edge technology products like Remote Access Plus or Access Manager Plus is required, where we have multiple strong layers of authentication and authorisation.

As I mentioned before, administrators can only access one or two systems based on their job function. 

If I'm a database administrator, I will be given access only to specific machines and even within that, what folder I can access and what data I can see and what actions I could perform - all of that can be controlled in a product like Access Manager Plus.

These products are contextual and granular, whereas VPN’s allow access into the network with some password mechanism and they do not allow this granularity.

Do you think remote working will become the future norm because of the pandemic?

This pandemic is a catalyst to speed up the trend of remote working. 

In the last three or four years the pattern inside our own company, a lot of our employees started to work remotely, up until now when all 8,000 of ManageEngine’s employees are working from home.

This situation just sped up the whole thing. I personally believe this model of working is here to stay.

Story image
Video: 10 Minute IT Jams - SonicWall VP on the cybersecurity lessons learned from the last 12 months
This is our seventh IT Jam with SonicWall, the cybersecurity company specialising in firewall, network security, cloud security and more.More
Story image
FortiGuard appoints former cyber warfare officer
Former RAAF cyber warfare officer Mark Robson has been appointed as senior tactical threat analyst in FortiGuard’s managed detection and response team, FortiResponder.More
Story image
Kroll completes Redscan acquisition, expands cyber risk portfolio
With the addition of Redscan and its extended detection and response (XDR) enabled security operations centre (SOC) platform, Kroll expands its Kroll Responder capabilities to support a wider array of cloud and on-premise telemetry sources.More
Story image
Claroty discovers vulnerabilities in Ovarro TBox RTUs
The vulnerabilities could enable attackers to break into the systems and run code, crash systems, and meddle with configuration files, amongst other malicious actions.More
Story image
FrankieOne to build Westpac's BaaS identity infrastructure
“As Australians continue to look for new and different ways to do their banking, we are excited to be part of the ever-growing BaaS movement with Westpac."More
Story image
5G network security a US$9 billion dollar opportunity - report
The cloud-native nature of 5G networks will have a disruptive and positive impact on the cybersecurity industry in the next few years, with 5G network security presenting a US$9 billion enterprise market opportunity by 2025.More