Case Study: Access Control and System Security

The Challenge

The customer needed to allow remote workers access to the central computer systems, but also needed very strict control and a high level of security.


Our Solution

We implemented a system based upon Cisco VPN technology in conjunction with RSA SecurID tokens. The tokens use a PIN system and have keycodes that change every 60 seconds, so that the users must enter both a PIN and the current keycode to gain access to the main site systems on a secure VPN connection.

We also configured the system to prevent a compromised remote user's notebook or desktop computer from being used to gain access to the main systems, by preventing simultaneous access to the internet and to the main site systems. Once connected to the main site systems, the users can only access those systems, and any internet access is then carried out through the main site firewall and ISA servers for maximum protection.

We implemented a group access policy, with each group of users having only the required level of access to main site systems. For example, some users would have full LAN access with all ports available, whilst others would have access only to a single AS400 host on a limited range of ports.
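
The tunnel and group restrictions described above could be expressed as follows. This is an added example, not the configuration from this deployment. It assumes a Cisco ASA with IKE and crypto settings already in place (the case study does not name the Cisco platform), and every name, address and port in it is a constructed placeholder.

```cisco
! Constructed example. Addresses use the RFC 5737 documentation ranges.
ip local pool VPN_POOL 198.51.100.10-198.51.100.250 mask 255.255.255.0

! RSA SecurID (SDI) server that validates the PIN plus current keycode.
aaa-server RSA_SDI protocol sdi
aaa-server RSA_SDI (inside) host 192.0.2.20

! Restricted group: one AS400 host, limited ports (placeholder port choices).
! In a vpn-filter ACL the source is the VPN client, the destination the inside host.
access-list AS400_ONLY extended permit tcp 198.51.100.0 255.255.255.0 host 192.0.2.10 eq telnet
access-list AS400_ONLY extended permit tcp 198.51.100.0 255.255.255.0 host 192.0.2.10 range 8470 8476

group-policy GP_AS400 internal
group-policy GP_AS400 attributes
 ! Anything not permitted by the ACL is dropped at the VPN gateway.
 vpn-filter value AS400_ONLY
 ! No split tunnelling: all client traffic, including internet-bound
 ! traffic, goes through the tunnel and out via the main site firewall.
 split-tunnel-policy tunnelall

! Full-LAN group: no per-group filter, but still no split tunnelling.
group-policy GP_FULL_LAN internal
group-policy GP_FULL_LAN attributes
 vpn-filter none
 split-tunnel-policy tunnelall

! One tunnel group per user group; both authenticate against SecurID.
tunnel-group TG_AS400 type remote-access
tunnel-group TG_AS400 general-attributes
 address-pool VPN_POOL
 authentication-server-group RSA_SDI
 default-group-policy GP_AS400

tunnel-group TG_FULL_LAN type remote-access
tunnel-group TG_FULL_LAN general-attributes
 address-pool VPN_POOL
 authentication-server-group RSA_SDI
 default-group-policy GP_FULL_LAN
```

A quick check after connecting as a restricted user: the client's routing table should show the default route pointing into the tunnel, and connections to any main site host other than the AS400 should fail.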