How many times you had to enter your password to access your company application or infrastructure from home? Do you use VPN for that? What if I told you to forget about it? You can use idemeum secure remote access to connect to your applications and infrastructure from anywhere with no passwords, additional software, or IT involvement.
What does idemeum ZTNA offer ?
Privileged access - on-premises applications, SSH servers, RDP desktops, databases
Simple deployment - no ports to open, firewall rules to change, or client agents to install
Full control - secure authentication, fine-grained access control, robust audit capabilities, session recordings, per-session MFA combined
Modern technology - replace legacy VPN with identity-aware, multiple- protocol access proxy built on zero trust concepts and principles
True passwordless - replace passwords and static credentials with biometrics and short-lived certificates
How does it work ?
Which zero trust principles are put in place ?
Never trust, always verify using passwordless multiple factors - verify and authenticate with phishing-resistant idemeum Passwordless MFA before granting access on a per-session basis to enterprise applications and infrastructure
Access to resources is determined by fine-grained dynamic policy - leverage granular dynamic access control to enforce least privilege principle and grant users the minimum access required to do their work
Leverage micro-segmentation to limit lateral movement - segmented resource access through secure network proxy service and reverse tunnels
Single-click secure access - secure and seamless single-click access to the applications and infrastructure
Supported use cases
idemeum can provide remote access to legacy / on-premise application in multiple ways :
JWT Header-based authentication
idemeum can pass user information in a JWT token as part of HTTP exchange to achieve the single sign-on. This provides a true SSO where user does not need to enter username and password and relies on JWT to verify the user identity. The downstream on-premise application will have to be modified to integrate JWT verification.
Form-based authentication - Password Vault
idemeum will leverage the password vault to achieve the form-based single sign-on. Password vault safely stores, manages, auto captures and auto-fills credentials. It also can detect password change and suggest strong one.
Applications that use LDAP authentication can integrate with idemeum LDAP Proxy. idemeum LDAP Proxy works with any directory that supports LDAP protocol for authentication.
idemeum offers seamless way to connect to Linux servers over SSH. Instead of using static passwords and SSH keys, users are authenticated with short-lived certificates instead. The terminal session is established in the browser offering one-click access to any server. Each session is recorded and can be replayed later on for security and compliance purposes.
Remote Desktop server (RDP)
idemeum offers seamless way to connect to Windows servers over RDP protocol. Once users access company portal with Passwordless MFA, then can access any server with RDP. No password is required as user will be authenticated with smart cards.
idemeum offers seamless way to connect to cloud-based or self-hosted databases. Instead of using passwords to login into the database, users are authenticated using IAM for cloud-based databases hosted in AWS, GCP... or certificate-based for self-hosted database.
idemeum Secure Remote Access uniquely offers connectivity to your on-premises resources as well as passwordless authentication and fine-grained access control, so that users truly have one-click seamless access from anywhere in the world.
So, if you wish to leverage the benefits of idemeum secure remote access for your organization— check out our idemeum platform page.
Book a demo today to learn more.