Article Title 1 Article Title 1
Our regular costumer assigned us such a task as redeployment of some staff of the organization to remote work with a high level of confidentiality. Further employment of remote staff will take place with the full control over operations and information access control.
This task was implemented as follows:
For remote staff, who are working with company databases in
weekdays in real time, the standard solution was the remote
It is composed of a terminal server with GPU + remote desktops with Parallels RAS.
For remote staff, which operate the data of the company with
pre-loading data to storage media on the remote user side
without a defined schedule and with different time zones, the
solution was the central management platform DataLocker
SafeConsole (on premise), which works with Datalocker SENTRY
ONE/Sentry K300 protected drives. These staff were not required
to be monitored, but data had to be protected from forced
disclosure by third parties on the staff member’s side.
For this purpose was created a server program that interacts with SafeConsole by api, receives data from the gps tracking service, the applications of which must be installed on the smartphones of staff of this category. For each staff member, the service specifies locations and other triggers for which the program gives permission to decrypt and open a secure storage automatically or via the security policy administrator (manually). You must send special codes to a normal not eye-catching group in the messenger, when requesting access keys to a secure storage.
Code varieties known only to the user automatically trigger different functions, such as remotely locking or deleting the data on the drive, and inform the administrator of an attempt to compromise the information. After sending the password to the group, the bot transfers the entered code to the application for security management and removes the message in the group. For programmers and temporary staff who do not have secure drives, use the Teampassword Manager Corporate Password Manager.
Our program provides some add-on for a more subtle and automatic customization of the security policy (when, for what, for what purpose, for what purpose, to remind about the password change period) automatic or manual turn on/off of the password group, specific password or user access to password manager in general. Implemented through api interaction in Teampassword Manager corporate password storage product.