Cameyo Expands Remote Worker Security with HTTP Port Shield

0

Remote work does not look to be going away any time soon. I covered a solution not long ago called Cameyo that offers a truly unique, simple, and secure way to quickly have, not only a secure and robust remote work solution but also, a powerful digital workspace for employees. The offering has since become even more secure with the announcement today that Cameyo expands remote worker security with HTTP port shield. Let’s take a look at how Cameyo is designed with security in mind and the new features that have been added to the port shield technology.

Providing Simple Secure and Powerful Remote Connectivity

Many organizations have had to scramble this year to provide remote work solutions for their employees in response to the situation created by the global pandemic. In the rush to provision “something” to allow employees to work remotely in an effective way, security, and many other best practices may have went by the wayside. In addition, stop-gap solutions may have been put in place with a plan to revisit these solutions in the future. Most businesses are in that situation now as they are now revisiting their plan for the long term as well as hybrid remote connectivity.

Cameyo’s unique approach to providing access to remote resources involves implementing a layer of technology on top of Microsoft’s Remote Desktop Services by way of a thin server agent. This thin “layer” that sits on the Windows Server allows delivering applications to end users by means of a browser session. Delivering even legacy applications to end users requires only an Internet connection and a browser.

Cameyo-remote-connectivity-high-level-architecture Cameyo Expands Remote Worker Security with HTTP Port Shield
Cameyo remote connectivity high-level architecture

Besides being an extremely simple and robust approach to delivering applications to end users, Cameyo has been designed with security at its core. It provides several foundational principles including:

  • Enabling secure access to both Windows desktop and Intranet web apps from behind the corporate firewall without the cost and user-experience compromise of VPNs via Cameyo’s NoVPN technology
  • Delivering all applications over HTTPS
  • Separating applications from the OS to protect against corrupted machines
  • Utilizing multi-factor authentication and dynamic 110-character passwords
  • Ensuring session & user isolation
  • Automatically wiping data from Cameyo servers as each session ends

Eyal Dotan, Founder and CTO of Cameyo explained the security features, including port shield, this way:

“Some technologies currently being used to enable remote work were developed decades ago, and were designed for a world where remote work was the exception, not the widespread norm. Cameyo is a cloud-native Digital Workspace platform that was designed from the ground up with security at the foundation. The extension of our Port Shield technology to HTTP ports is the latest evolution of our core security functionality, designed to reduce your attack surface while still making it incredibly simple to securely deliver all of the applications your people need to be productive on any device.

Cameyo Expands Remote Worker Security with HTTP Port Shield

First of all, let’s take a look at the original port shield technology. With the RDP port shield technology built into the solution, Cameyo makes use of orchestration between the cloud portal and the on-premises Cameyo server to effectively deny all traffic to TCP port 3389 (RDP) and open up traffic only as needed.

Once an authenticated session is established with Cameyo, the specific IP address for the authenticated user session is dynamically entered in the Windows Firewall as an allow rule for the connection to be made.

I really like this methodology from a security standpoint since it works off the premise that all traffic to the RDP port is denied and only authenticated sessions are added. This is much superior to “RDP protection” utilities that allow all traffic and deny only IPs that are responsible for brute force connections. It is much more secure to block all connections as a base rule.

How Cameyo Port Shield Has Evolved

Cameyo’s new announcement today is a newly evolved port shield technology that expands the protection to include not only RDP ports but also HTTP/S ports as well.

This means that the new port shield keeps all ports, including HTTP/S closed until they are needed by authenticated end users. As is the case with the RDP port shield, connectivity to HTTP/S is dynamically opened to authenticated users as needed. This drastically improves the attack surface of the solution in an age where brute force attacks and ransomware are running rampant, especially against remote workers.

Extending Cameyo Port Shield’s capabilities to HTTP ports provides an additional layer of security for organizations to ensure their people have access to business-critical apps while securing both remote workers and the corporate network at the same time.

Activating the new Port Shield

The new feature will automatically become available for existing Cameyo customers. It will be available as a new option that can be enabled for further protecting environments. No additional software will need to be installed or upgraded to take advantage of the new feature.

Concluding Thoughts

Cameyo is a very impressive solution in terms of simplicity, features, and security. It is arguably one of the easiest and most secure remote solutions available on the market to provide remote workers access to business-critical applications with only the need for a web browser to access them.

Cameyo provides a means to accelerate the adoption of cloud-native delivery of your applications for your users in a way that doesn’t take weeks or months to implement, but literally hours or days. Most importantly, it doesn’t leave security behind for the sake of simplicity. It is simply part of the core product.

Take a look at our previous Cameyo coverage here:

Visit the official Cameyo site:

StarWind VSAN