data-custody

VPN Alternative for Securing Remote Access to Legacy Applications

A municipality in Southern Ontario was seeking a method of securing remote access to legacy applications – responsible for the treasury, billing, and permit functions. Cyber insurance requirements mandated that all remote access must have multi-factor authentication and privileged access management. The IT team was challenged with meeting these new requirements but keeping the user experience simple.

Their current VPN required the addition of two separate solutions for multi-factor and privileged access management. This was not acceptable due to the added complexity for their user base and the combined added costs.

Objectives

The municipality set out to meet 4 main goals:

pam-multi-factor-authentication

Implement multi-factor authentication and privileged access management to achieve cyber insurance requirements

third-party-access

Meet budget constraints for buying, implementing, and operating the systems

role-based-access-controls

Simplify the user experience for a non-technical user base

weak-vpn-server-security

Ensure access to critical application currently not accessible remotely due to the requirement of a thick client

Zero Trust Network Access With Agilicus AnyX

The municipality selected Zero Trust Network Access (ZTNA) with Agilicus AnyX which comes complete with multi-factor authentication and privileged access enforcement. The Agilicus AnyX platform provides a Zero Trust and clientless experience for users to connect to their work securely from anywhere, on any device.

By choosing Agilicus, the municipality was able to leverage ZTNA which pairs their user specifically to the legacy application rather than to the network. Upon a connection being made, the user is challenged for a second factor of authentication and admitted through privileged access management.

The municipality achieved the following results:

identity-aware-web-application-firewall

Simplified access allowing users to connect to legacy application from any device or location

cyber-security-policies

Met cyber insurance requirements by seamlessly integrating multi-factor authentication and privileged access management

detailed-auditing

Enhanced session security achieved via an outbound only connection not visible on the public internet

role-based-access-controls

Improved user experience by simply connecting as they would in the office while using their existing employee credentials for single sign-on

As a result, the costs and extra steps to connect to a VPN were avoided by the municipality. This allowed them to achieve their cyber insurance requirements while remaining within the limited budget and avoiding added complexity. Deployment was achieved company wide in under an hour.

Business Impacts

Through implementing Zero Trust Network Access with Agilicus AnyX, the municipality achieved secure remote access to their legacy application without the use of a VPN. The Agilicus AnyX platform provided robust security while remaining light, simple, and qualifying them for cyber insurance through extra layers of protection. The municipality was also able to simplify their administrative process by choosing a solution that could be quickly installed without the necessity of network changes or added hardware.

Since deploying the Agilicus AnyX platform was for securing their legacy application for remote users, the Muncipality expanded adoption of the platform to enable access to all city resources for employees whether remote or not. With the ease of bringing on new users, the municipality was able to improve the security of their entire organisation with a frictionless deployment and deliver an invisible IT security experience for their end users.