sayTRUST VPSC - ZeroTrust Client Access
sayTRUST VPSC (Virtual Protected Secure Communication) is a groundbreaking new technology for encrypted, internal and external access to corporate networks. sayTRUST VPSC enables highly secure communication and data exchange without backdoors and without any possibility of manipulation by unauthorized persons.
It ensures a highly secure working environment - in the home office or mobile. sayTRUST VPSC offers the highest level of communications security by detecting and eliminating vulnerabilities between the user and the network being protected.
Users can use the 8-stage “Defense in Depth” Technology both within your own network and from external locations,in the home office or mobile hotspots work safely.
Why sayTRUST VPSC
Users who work from home or mobile mustaccess company data. This requires remote access to the corporate network. Companies and authorities usually rely on commercially available VPN solutions.
The biggest security gap is the access data that is on the end devices with this technology. In addition, data in the connection route can be read out. Added to this is the administration effort.
Administrators and users also complain a number of problems: software that is difficult or impossible to integrate into clients, complicated hardware that is additionally necessary for some applications, or connections that are too slow are just a few of them.The sayTRUST VPSC technology offers an access solution without such disadvantages.
Access Mobile Device
Basically, the solution consists of a server and a client component, for example in the form of a USB access stick. The server can function as an appliance or as software. You can choose between USB sticks with two-factor authentication (2FA) or with three-factor authentication (3FA).
VPSC instead of VPN – we thought ahead:
-
Lower costs
-
Easy handling
-
Communication within the application layer instead of network-networkcoupling
-
Eight levels of access security
-
Safety begins before the tunnel
-
No software and access data on the client PC
-
Personal identification of the user
-
Own forgery-proof and protected certificates
-
Reduction of administration effort by up to 80%
The sayTRUST Access USB client (1) is highly secure and highly flexible:
-
Immediately after plugging it into any PC, you will be asked for authentication (2).
-
After authentication has been completed, the sayTRUST menu (3) is started.
-
From the sayTRUST menu, the connection is established for each application directly from the encrypted RAM, so that no traces remain on the PC
Safety has to be simple. According to this principle, theUser interface designed for sayTRUST VPSC. While a compromise is always made with conventional VPN solutions, SAYTEC AG took a customer-specific approach when developing sayTRUST VPSCen requirements. The result is an effective tool that provides high securitysimplicity and ease of use combined.
The Password manager for single sign-on ensures maximum security. Logins to various applications and/or platforms are carried out using the respective passwords via the user's encrypted database. When you open any application, the single sign-on module takes care of secure authentication in the background. Of course, the individual applications remain protected with different passwords.
In schools, this ensures separation between student, teacher and administrative networks. In the hospital, patient files are only made accessible to authorized people from the medical field and administration. In industry, data and access for different development teams are securely separated from one another.
When it comes to security features, in addition to generally recognized standards (SSL, TLS,features implemented. This includes the application-based connection in the tunnel (instead of the usual Layer 2 or Layer 3 VPN).This means that malware is detected and prevented at the entrance to the tunnel. With your own CA (Certificate Authority), the certificates are created “on demand” and are not obtained from an external agency.
All communication is built from the encrypted main memory (RAM) of the client computer. This means that no data remains on the computer or on the connection that would allow later analysis. This protection also makes the “man-in-the-middle attack” popular with hackers impossible.
No separate virtual network card or separate IP address from the network to be protected is required for encrypted communication. The network and associated information are invisible from the outside. The connection is also invisible on the client PC. The device has and does not know any network information from the remote network to be protected.
What is particularly convenient for users is that they always carry their personal work environment with them on the mobile access device. You can work highly securely from any PC. The administrator centrally configures the authorizations and thus the user's working environment and access to applications and directories. Log in once and automatic access to all authorized applications is guaranteed, without the hassle of repeatedly entering passwords.