Assure compliance with data protection acts (GDPR, SOC 2, HIPAA, NIS2), and keep track of which users and devices access which systems and applications. In the event of a breach, investigate the compromise, reduce impact, and patch up vulnerabilities.Create Free AccountSee Demo
No card needed. Full onboarding support.
Protect user data and meet the requirements of data protection acts (GDPR, SOC 2, HIPAA, NIS2).
Control all user accounts, access permissions, and systems centrally. Bundle access permissions on virtual access cards.
A 100% SaaS-delivered global infrastructure. Connect from anywhere to any company resource securely and with ease.
Access Logs demo
Starter is a free business VPN that creates a secure VPN infrastructure for your virtual organization. Every time a user connects, GoodAccess automatically seeks out the nearest gateway location with the lowest latency and assigns an IP address dynamically. This enables secure private browsing and encrypted remote access to IT resources for your coworkers, even if they connect through public Wi-Fi.
Starter comes equipped with Threat Blocker, an always-on feature that stops phishing, malware, botnets, ransomware ploys and other online security threats before they hit the user and breach your network. Learn more about GoodAccess Threat Blocker.
GoodAccess comes with one-click applications for iOS, macOS, Android, Windows and ChromeOS. No configuration is needed. Just invite your colleagues via email to create their account and get the GoodAccess app.
Pinpoint anomalous behaviors
See which users and devices connect to which systems or applications. Examine timestamps and amounts of data uploaded/downloaded. Pinpoint anomalous behaviors and compromised devices.
prevent future breaches
Trace the attacker’s footsteps and isolate non-compliant devices to reduce impact. See vulnerabilities in your security ecosystem and remedy them to prevent future breaches.
Comply with data protection acts by continuously collecting privacy-conscious data on user access behavior for root-cause analysis.
No card required.
Full onboarding support.
We were looking for fast, secure, and quality audio transmission. We are excited that GoodAccess allows our agents to make phone calls with our clients via VOIP provider using the office IP from their home. GoodAccess is inexpensive, easy-to-use, safe, and the support team is brilliant!
GoodAccess has strong encryption which shows to our customers that we take great care in protecting their data. The app is straightforward to use so we can access our systems from 14 different time zones and work efficiently. Simply a VPN with static IP for a great price.
It's important for us that GoodAccess' VPN with static IP is fast & has low latency, which feels like working from the office. I love the user friendly control panel, which just makes the work much easier!
GoodAccess increases the level of security in our organization. We use it to access several cloud services and our data warehouse. We appreciate the customer-oriented support team, frequent product updates, and the excellent price/value ratio.
Test all premium features for 14 days without limitation. No credit card required.
Connect to a gateway near your location, decide what systems to include in your secure environment.
Invite team members and view access logs in the central console.
No card needed. Full onboarding support.
Keep track of your users’ behavior, network security status, and threat activity in one place.
Protect your network from phishing attempts, malicious domains, or productivity sinks.
Minimize the attack surface by robust user authentication, granular privilege assignment, and strong encryption.
Access Logs guide
Tracking user access history is a legal requirement of data protection acts like GDPR and one of the core principles of zero trust. It entails the continuous collection and logging of essential information like user account ID, source IP address, target IP address, connection timestamp, or the amount of data transmitted.
System-Level Access Logs provide vital information during post-compromise analysis. They provide insight into who accessed what systems, when, how long the session was, and how much data was uploaded or downloaded. When a breach occurs, they help locate the compromised device and contain the attack, as well as retrospectively track down the adversary’s movements and reveal whatever vulnerabilities that allowed them to enter.
Gateway-level Access Logs provide a quick glance of users connected to your Gateways.
1. Log into your GoodAccess Control Panel.
2. Go to the Access Logs section.
3. Switch between Gateway-Level and System-Level tabs to access the logs you want
4. You can view your team members’ access history and export it as a CSV or PDF.
Application logs record the execution of an application including various statistics or errors that occurred. They are used to provide feedback on stability issues or usage habits.
Access logs, on the other hand, track information about communication sessions between user devices and systems or applications. They provide insights into security compliance or ongoing attacks.
Collectively known as data protection acts, GDPR, SOC 2, HIPAA, and NIS2 are legal documents that regulate handling and protection of user data.
GDPR stands for the General Data Protection Regulation and it applies to entities within the EU. It defines three general roles: controller (someone who collects data, e.g. a private business), processor (someone who processes data on someone’s behalf, e.g. a cloud service provider), and data subject (a private individual). The Act states basic rights and obligations for all three ensuring transparency of purpose, access and processing only the data that is strictly necessary for that purpose, and barring access to anyone without a legitimate interest.
SOC 2 (Systems and Organization Controls) is a set of reports providing guidance to US-based service organizations on security, availability, and processing integrity of the service provider’s systems. Specific areas covered are oversight by the organization, vendor management programs, internal corporate governance and risk management processes, and regulatory oversight.
HIPAA (Health Insurance Portability and Accountability Act of 1996) is a data protection act effective in the USA that regulates the maintenance and handling of personally identifiable information and its protection from fraud and theft. It is aimed at healthcare providers, stipulating that no one other than the patient (or a person authorized by the patient) has access to their medical information.
NIS2 (Network and Information Systems 2) is an EU-wide cybersecurity Directive with the goal of increasing the cybersecurity resilience of institutions and selected businesses across the European Union. It expands the scope of the previous NIS Directive to oblige more sectors and services. In addition, it introduces stricter security requirements, sets the basis for establishing the European Cyber Crises Liaison Organization Network, and enforces enhanced supervision, incident reporting obligations, and fines for non-compliance.
Assuming you’re an organization that collects some user data for the purposes of conducting your business (e.g. contact or billing information), you can summarize your obligations as follows:
Protect user information from unauthorized access and misuse
Allow individuals access to their private information on request
Delete an individual’s information on request
Declare your purpose for collecting personal information in full
Retain user data and history for a legally defined period
Allow access to parties with a legitimate interest, e.g. for police investigation
Further, you must not:
Collect private information without the user’s consent
Collect more information than strictly necessary to conduct your business
Sell private user information to a third party without the user’s consent
For details, please refer to the obligations as stated by the data protection act valid in your country.