Blog article

Remote Access Control - What is it and how does it work?

Access control is a security strategy that deals with the protection of company systems and security of data transmitted over the Internet.

7

Min read

Remote Access

Petr Pecha

Table of Contents
This is also a heading
This is a heading

Remote access control is a necessary component of company security that ensures users can access systems securely and their data stays private. There are several approaches to implementing access control depending on the needs and resources a company has.

Table of contents

  1. What is access control?
  2. How does access control work?
  3. Step one: Authentication
  4. Step two: Authorization
  5. Types of access control
  6. Why do you need access control?
  7. Access control is a security must-have
  8. Access control can be practical
  9. What does GoodAccess handle access control?

What is access control?

In computing, access control deals with authenticating and authorizing users, and logging access history for auditing purposes. It is one of the pillars of company security policies as it involves assigning and verifying user privileges to selected systems.

Nowadays, access control usually incorporates elements of zero trust, which is an approach that disregards implicit trust in users attempting to gain access and instead ascribes it on a least-privilege basis. That way users can only access those systems they actually need.

How does access control work?

Step one: Authentication

Authentication is a process that verifies the user’s access credentials. Traditionally, they consist of a username and password, but often include others, like one-time passcodes, security tokens, or biometric scans (collectively known as multi-factor authentication).

The purpose of authentication is to make sure the user is who they claim to be and to prevent access for unauthorized personnel.

Step two: Authorization

During authorization, the user is assigned privileges that define what they are allowed to do in the systems they are accessing. For instance, some users can hold administrator rights, some edit rights, and some only be permitted to view the content.

Types of access control

There are several policy models that companies generally adopt.

  • Discretionary access control (DAC) - In discretionary policies the owner directly manages individual user privileges and access to each company system.
  • Mandatory access control (MAC) - Mandatory policies assign access based on progressive levels of clearance (think “confidential, secret, top secret”). The access rights are managed by a central regulating authority.
  • Role-based access control (RBAC) - This widely used model assigns access based on predefined company functions; i.e., what they do and need. For example, developers and salespeople will have access to different company systems, and you can expect managers and administrators to have higher privileges than more junior employees.
  • Attribute-based access control (ABAC) - This model requires users to provide certain attributes to prove that they are eligible for access. These attributes can be simple, such as proving you are of a certain age, or complex, combining information like user data, job title, department, geographical location, time of day, type of resource being accessed, etc.

Why do you need access control?

Access control is a security must-have

Whenever a company gets hacked, the question they ask is, “How did they get in?” Access control is a vital mechanism among the data protection measures that businesses are using. A bulletproof access control strategy is one of your best defenses against data leakage.

Especially companies with multicloud infrastructures, whose systems, resources, and employees are often spread out far beyond company premises, need a robust remote access scheme to ensure users and sensitive data are protected from exposure when traveling over the internet.

Access credentials themselves are also a tempting target for interception, as credential mining can be a lucrative pursuit for those who have the means to steal them.

All this indicates two things. One, the attack surface is enormous, and, two, sending data via unsecured connections is risky to say the least. It is therefore essential to send your data via a private encrypted channel when accessing your systems remotely.

Access control can be practical

Restricting user access not only prevents deliberate tampering with data but also inadvertent mistakes. It’s common sense to restrict access to certain systems, allowing in only teams or departments that know how to use them.

However, if you have a lot of team members, setting up granular privileges for them is a lot of work, and can be tough to maintain in the long-term. Fortunately, access control solutions often offer mechanisms to make the work simpler and the whole system easier to manage.

What does GoodAccess handle access control?

GoodAccess creates a private virtual network of double-encrypted connections and uses the mechanism of access cards to implement access control. These access cards work very much like their real-world counterparts. You simply create an access card, choose which systems it authorizes access to, and assign it to users.

The benefit is three-fold:

  1. It’s more practical. Instead of granting privileges to each system individually, you can bundle them onto an access card and assign them per role.
  2. It’s an easy way to segment your IT estate. For instance, if a salesperson’s credentials get compromised, the attacker only gets access to the CRM system and perhaps a few other systems, but your database server (where salespeople have no business being) would be unharmed. Segmentation in this sense is all about preventing compromise from escalating by containing it on a least-privilege, role-divided basis.
  3. Access control in GoodAccess is network-based. That means it doesn’t deal with the access credentials to a specific system but defines access on the network layer.

You can try out GoodAccess’ access control yourself; just sign up for your 14-day trial.


Network security

What Is SCIM? Everything You Need To Know

System for Cross-domain Identity Management (SCIM) helps businesses to automatically manage user accounts across different applications and systems.

Learn more

5

Min read

VPN

OpenVPN vs WireGuard: Top Two VPN Protocols Side By Side

OpenVPN and WireGuard are the top 2 VPN protocols out there. WireGuard excels at speed and efficiency, while OpenVPN offers more compatibility and configuration flexibility.

Learn more

11

Min read

Network security

What Is Cybersecurity Posture And Why Should It Matter To Your Business?

Cybersecurity posture reflects an organization’s ability to fend off cyberattacks. It is a composite of countermeasures against multiple attack vectors.

Learn more

20

Min read

In GoodAccess, we invest our passion into developing a cybersecurity platform that is easy to deploy, easy to manage, and easy to use.

Education
VPN with Static IP Explained
What is Business Cloud VPN
What is IP Whitelisting
DNS Filtering Explained
Zero Trust Network Access
35+ Gateways Worldwide
How secure is GoodAccess
Compliance Made Easy
Platform
Free business VPN
Business VPN
Zero trust network access
Software defined perimeter
Secure web gateway
Remote access VPN
Features
Dedicated VPN gateway
Static IP address
Central dashboard
Zero-trust access control
DNS filtering
Multi-factor authentication
Network access control
Split tunneling
Access logs
IP whitelisting
SSO
Resources
Product tour
Blog
Events & webinars
Support portal
Customers
Integrations
Company
About us
Become a partner
Become an affiliate
Careers
Newsroom
Contact us
Partner
Sign up form
Pricing
Plans
Small teams
Starter
Download App
iOS
Mac
Android
Windows
Chrome OS
Linux script

Copyright ©2023
GoodAccess

Facebook icon LinkedIn iconTwitter icon
Acceptable Usage Policy
Term & Conditions
Privacy Policy