Page 26 - Cyber Defense eMagazine for September 2020
P. 26
Modern enterprises increasingly rely on a distributed workforce, with contractors, employees and other
users connecting remotely over VPN. In many cases, these individuals access sensitive resources from
unmanaged devices (BYOD). This might be because they are user- owned devices or because another
organization owns them.
In such scenarios, the enterprise still needs to take reasonable precautions regarding the security posture
of the connecting system.
Minerva Labs offers a unique, effective and endpoint protection solution for unmanaged devices in such
scenarios.
Minerva’s Install-free Remote User Protection (RUP) software protects unmanaged endpoint devices
(BYOD) that are connecting to enterprises throughout the entire remote (VPN) session from malware and
non-
malware-based attacks. Minerva accomplishes this by integrating with the organization’s VPN via
the security policy, known as the Host Checker software, and provide a solution that delivers Minerva‘s
protection benefits in a click of a button. This approach reinforces other security mechanisms that might
exist on the remote system without interfering with the user’s day-to-day activities and without
compromising its privacy. Minerva’s Remote User Protection is configured as part of the VPN’s security
policy that is activated when the user attempts to initiate the VPN connection without requiring the user
to reboot and without interfering with other security tools or software on the system. Once activated,
Minerva provides all of Minerva’s prevention abilities to the end-user with no installation
required.
Minerva’s Remote User Protection doesn't require any type of installation or any special
permissions thus, the install-free agent will run with the user session permissions that are executing the
remote (VPN) session and will prevent any attacks during that session.
When allowing users to connect to their network over a VPN, enterprises often struggle to balance the
need to protect their resources from infected remote systems by imposing strict security requirements on
those endpoints. In many cases, the connection is initiated from an unmanaged device—an endpoint
that the enterprise doesn’t own (BYOD), for instance when employees use their personal home PC or
when contractors establish a VPN connection from a computer not owned by the enterprise. Sometimes
the VPN creates a false assumption that the connected system is secure, while only the connection
(tunnel) is secured, the endpoint is NOT.
Though the organization could impose some security requirements on the connecting system, it often
lacks the ability to enforce them or to mandate that the full corporate endpoint security stack be present
on the remote host. Minerva’s Remote User Protection offers the following benefits for such
circumstances:
• It provides safeguards against vast numbers of malware that otherwise would put the enterprise
at risk.
• It integrates with the organization’s VPN software to launch malware scans and to refuse or
terminate the connection when necessary.
• It is seamless, able to operate without slowing down the remote user’s system.
• It doesn’t conflict with security or other non-malicious software on the remote system.
Cyber Defense eMagazine – September 2020 Edition 26
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.
