Data security is a critical business priority today – this is especially true for businesses in industries such as manufacturing, where intellectual property as well as customer data are involved.
This was the case for our client too – a leading player in the automotive ancillary manufacturing space. In this blog, we explore their specific challenge in safeguarding their digital assets, and how Akku was able to deliver a customized solution to address the client’s needs.
The client runs regular audits to assess their security posture, and to identify areas where their existing Google Workspace could itself provide adequate security measures in terms of access control.
In one such audit, they identified a critical gap. Employees at the company were increasingly needing to work remotely, but the existing endpoint security solution was only capable of restricting access to the company’s network and disabling all remote access.
Additionally, it was necessary to permit access for any user from any approved company laptop or desktop – a challenge given that the conventional device-based restriction approach generally maps one user to one device.
Akku’s Innovative Approach
Our team at Akku addressed this challenge with a customized device-based restriction strategy.
To allow any user to access applications and data from any of the company’s laptops or desktops, we decided to implement a many-to-many mapping system. This unique solution involved the development of a custom application, the Akku Agent, installed on every whitelisted device.
Through the client’s inventory system, all machine serial numbers were captured and uploaded to Akku. The login process was then revamped to require all users to authenticate via Akku only.
When a user logs in, the Akku Agent now verifies the device’s serial number against the whitelisted devices in Akku, and allows access from any location, including outside the client’s network, as long as the request is made from an approved device.
This solution seamlessly addressed the core challenge of permitting remote user access from approved devices.
Tackling Mobile Access
The next hurdle was controlling mobile access. Based on the Google Workspace plans assigned to the company’s users, the Google Workspace Advanced MDM functionality addressed mobile access control for only a subset of the company’s users.
For all other users, access from any mobile device remained unchecked. Additionally, inventorying all personal devices of employees was impractical.
Akku’s solution was to restrict user mobile access to a controlled number of manually approved devices per user. By default, users were not permitted mobile access. Upon necessity, they could contact the admin to get a device approved, ensuring secure and controlled mobile access. And in case of a change of device, such as on purchase of a new phone, the admin would be able to deactivate access to the old device and enable access to the new device.
By integrating Akku, the client not only overcame the limitations of their existing security system, but also enabled secure remote access for their employees with seamless device-based access control measures.
The solution addressed the unique challenges faced by our client through Akku’s flexibility and our team’s custom development and deployment solution.
Akku’s flexible and innovative IAM solutions can transform your organization’s security landscape too. Talk to us to know more today.