How to Simplify Secure Access for Third-Parties and Temporary Users
Share This
The Importance of Securing Third-Party Access
In today’s interconnected business environment, collaboration with external parties such as vendors, contractors, partners, and suppliers is the norm. These collaborations often necessitate granting third parties with access to internal systems, networks, or data. However, every access point can be a potential vulnerability to IT administrators, and securing access for third party and temporary users is crucial to protect sensitive information.
Tackling the Unique Challenges of Third-Party Access
As IT administrators, you face distinctive challenges when managing third-party access and opening up your internal systems and resources to these external parties. Here’s a breakdown for those on the frontline of tech implementation:
Limited Scope and Duration: Unlike regular employees, third-parties often need access for a limited duration or specific tasks. This requires granular control, meaning you have to be on top of who can access what resources, and for how long.
Varied Identities: With a range of external entities including vendors, contractors, partners, and suppliers, each has unique access needs. Your system needs to adapt to these requirements efficiently, which requires flexibility and scalability.
Revolving Access: Efficient processes for onboarding and offboarding are essential to ensure third parties only have access for as long as they genuinely need it.
Auditing and Monitoring: Keeping an eye on third-party activities can be the difference between a secure system and a costly data breach. Regular audits improve oversight and promote accountability and compliance.
Enabling Third-Party Access at the Speed of Your Business
Third-party access management demands a dynamic and adaptive approach that accounts for the unique risks, identities, and requirements that external entities bring. However, existing IT tools and approaches are cumbersome and lack security controls. Splashtop Secure Workspace (SSW) provides a unique solution to enable third-party access with a few clicks, making the lives of IT administrators easier by dramatically cutting down the onboarding and offboarding time, and simplifying real-time monitoring and comprehensive security controls.
On-Demand Onboarding
Many companies work with external IT support to handle technical issues or conduct maintenance on their internal systems and servers. For controlled access, it’s not uncommon to connect with external IT personnel through a Remote Desktop Protocol (RDP) server. Achieving this often involves several steps including setting up a dedicated RDP server, creating user accounts for authorized external IT, establishing a virtual private network (VPN), setting permissions for limited privileges and access rights to ensure they can only perform necessary tasks, and making sure the access is revoked when the tasks are completed. This process can be cumbersome and time consuming to complete.
With Splashtop Secure Workspace, this onboarding process is as simple as sending the third-party user a secure link as showcased in this video.
Onboarding with SSO
Integrating access tools with existing systems is crucial for streamlined workflows. Splashtop Secure Workspace seamlessly integrates with Single-Sign-On (SSO) solutions such as Microsoft Azure Active Directory (now Entra ID), Okta, or GitHub. This means users can authenticate with their SSO identity while preserving the convenient browser-based access. For example, a company can onboard a contractor for a software development project via their GitHub account by taking the following steps:
Configure GitHub as an identity provider on Splashtop Secure Workspace (SSW)
Register SSW as an OAuth app on GitHub. On GitHub, go to Settings → Developer settings → OAuth Apps → Register a new OAuth application and follow the OAuth app registration instructions
Create "Contractors" group, add user, and assign appropriate privilege for access. Refer to the add private application documentation page for detailed instructions.
Now the contractor can log in with GitHub credentials from the organization SSW page (https://ORG.us.ssw.splashtop.com/) and access the SSH application using assigned secrets, all without exposing the SSH credentials.
Conclusion
Splashtop Secure Workspace is more than just a tool. It’s a solution tailored for IT administrators who need to balance security with efficiency and convenience, whether setting a person up for ad-hoc or long-term access needs.
We’d love to hear your feedback. Sign up for early access to the Splashtop Secure Workspace platform for a test drive today. We also welcome you to check out other blogs by my colleague Yanlin Wang who laid out the foundations of our product, along with key use cases and an admin interface walkthrough.
