No door, no entry

Oct 07, 2017 | Security

Imagine you’re an IT Administrator working in an environment where you could only log into machines you could physically touch… no RDP, no SSH. And even then, you could only get a “standard” user login, no administrative/root accounts. Doesn’t sound like you could be very productive, right?

You could never log into a cloud-based or virtual device because you could never physically touch them. There is one significant advantage though. This environment will be inherently very secure – as secure as a castle with no gate or door.

Now let’s move forward a little bit with the castle analogy. Imagine it’s the castle of a wizard. The door only appears when the wizard approaches. Even then, it’s locked, and will only open for the wizard if he has a key. The key only appears when he puts his hand into his pocket.

The wizard can enter the castle via a door that didn’t exist when he walked up, using a key that was created on-demand to match the lock. Pretty cool trick.

That’s what Tachyon can do for your environment.

You can use it to globally disable protocols like RDP and SSH, remove Domain Admins from the local Administrators group, scramble root passwords, etc.

Then, on demand, like the wizard walking up and the door appearing before him, you can click on your favorite icon (MSTSC, Putty, etc.) and have the protocol enabled instantaneously on the remote machine (ok, actually, it takes about 20ms) and have an account created for you (and moved into the Administrative/“sudoers” group) and voila! Your key, a password that can be randomized or pre-known, opens the door into the protocol and you access the machine. Physical, virtual, cloud-based, server or desktop.

After a few minutes, the protocol is switched off again (your session is still running and fine) – if you log out before that time, the protocol is disabled. Once you log out, the account you used is moved out of the admin groups (or deleted from the machine, based on configuration).

This is just one of the awesome things that Tachyon can do, handling concurrent communications with up to 1.5 million endpoints simultaneously. It sounds like a magic trick, but really it’s just smart.

This may sound a little far-fetched. But… you don’t leave the shower running in the morning because you might want to shower that evening or the next day… you turn it off. Why leave accounts with admin access or protocols open when you can switch them on or off on demand? Why would you leave these security holes open all the time when you can just permit access on demand?
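An audit of the on-demand lifecycle described above, added here as an example and not 1E's or Tachyon's own code: it replays a constructed event log and flags hosts where the protocol stayed enabled past its window or a temporary account kept admin rights after logout. The event names, the tuple layout and the 300-second window are assumptions made for illustration.

```python
WINDOW_S = 300  # assumption: "a few minutes" modelled as 300 seconds

# Constructed sample events: (epoch seconds, host, event, account)
EVENTS = [
    (1000, "srv01", "protocol_enabled", "jit-alice"),
    (1000, "srv01", "admin_granted", "jit-alice"),
    (1002, "srv01", "login", "jit-alice"),
    (1290, "srv01", "protocol_disabled", "jit-alice"),  # session keeps running
    (2500, "srv01", "logout", "jit-alice"),
    (2501, "srv01", "admin_revoked", "jit-alice"),
    (3000, "ws07", "protocol_enabled", "jit-bob"),
    (3000, "ws07", "admin_granted", "jit-bob"),
    (3005, "ws07", "login", "jit-bob"),
    (3900, "ws07", "logout", "jit-bob"),  # never disabled, never revoked
]

def audit(events, now, window=WINDOW_S):
    """Return sorted (host, account, finding) tuples for access left standing."""
    open_proto = {}  # host -> time the protocol was enabled
    admins = {}      # (host, account) -> logout time, or None while logged in
    findings = set()
    for ts, host, ev, acct in sorted(events, key=lambda e: e[0]):
        if ev == "protocol_enabled":
            open_proto[host] = ts
        elif ev == "protocol_disabled":
            start = open_proto.pop(host, None)
            if start is not None and ts - start > window:
                findings.add((host, acct, "protocol window exceeded"))
        elif ev == "admin_granted":
            admins[(host, acct)] = None
        elif ev == "logout" and (host, acct) in admins:
            admins[(host, acct)] = ts
        elif ev == "admin_revoked":
            admins.pop((host, acct), None)
    # Anything still open at audit time is standing access.
    for host, start in open_proto.items():
        if now - start > window:
            findings.add((host, "-", "protocol still enabled"))
    for (host, acct), logged_out in admins.items():
        if logged_out is not None:
            findings.add((host, acct, "admin rights kept after logout"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(EVENTS, now=4000):
        print(finding)
```

In the sample, `srv01` closes cleanly even though the session outlives the protocol window, while `ws07` is reported for both leftovers.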

Even better – you can dictate who can do this to which machines, with or without the approval of a third party.

Tachyon changes the game in more ways than one. Contact us now to see this in action.
