We’ve talked in the past about the importance of having security baked into the core of your digital workspace. And one of the key issues organizations face when securing remote & hybrid work is the complexity of legacy virtual desktop infrastructure (VDI) and Desktop as a Service (DaaS) products. And as one of our customers points out, complexity is the enemy of security:
“With Cameyo you get this very powerful solution, with very low complexity and cost, all while getting greater security than you’ll find in other solutions. Complexity is the antithesis of security. The more complexity a solution has, like the many components of virtual desktop solutions, the more potential security issues you will have. Cameyo is built on a Zero Trust security model, and it also strips away all of the complexity that could result in security issues down the line,” said Adam Nerell, Head of IT for Klarahill.
This is why our Founder & CTO Eyal Dotan – who has 12 security patents and created one of the first Host Intrusion Prevention Systems (HIPS), which he sold to Ivanti – built Cameyo with a Zero Trust security model from the ground up.
As a result, Cameyo’s Virtual Application Delivery (VAD) platform is the simplest and most secure way to deliver business-critical applications to your users in a hybrid and remote work environment. Cameyo’s single architecture and Zero Trust security model includes:
Limited Attack Surface
Cameyo’s single architecture eliminates the need for additional gateways and appliances that can fail and become a security issue on their own (e.g., CVE-2019-19781 – Vulnerability in Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance).
Port Shield
Port Shield is a Cameyo-developed technology which provides built-in security that automatically closes RDP, HTTP and HTTPS ports and opens them to authenticated users only when needed. Additional information can be found at https://helpcenter.cameyo.com/support/solutions/articles/80000212541-cameyo-port-shield-protecting-your-server-from-cyber-threats.
No VPN
With Cameyo, all traffic is encrypted and apps are delivered from a secure HTML5 browser, effectively separating the user’s device from the corporate network and eliminating the need for VPNs. Additional information can be found at https://helpcenter.cameyo.com/support/solutions/articles/80000212529-novpn-optimizing-remote-web-browsing-for-wfh-work-from-home-
Non-Persistent Servers
Customer user data is removed from the Cameyo server every time the user logs out, and in the very unlikely event that the secure browser is penetrated, the hacker only has access to the user’s session and is wiped from the server when the session ends.
IAM and SSO integration
Cameyo implements the OpenID Connect standard (OIDC) so users can connect through your SSO identity provider, e.g., Okta, Ping, Azure AD, etc. We also integrate with OAuth2 for connections through Google Workspaces (formerly G Suite), Office 365, etc. Additional information can be found at https://helpcenter.cameyo.com/support/solutions/articles/80000212612-sso-integration.
Windows Terminal Services
Cameyo utilizes Windows Terminal Services and temporary user profiles. This ensures users are unable to access admin privileges, settings, and files.
Data Privacy
Data security and privacy are protected in a number of ways with Cameyo:
- Cameyo integrates with the customer’s cloud storage ensuring that files and other personal information are located in the customer’s environment and not on the Cameyo server.
- Personal information collected by Cameyo is typically limited to the user’s email address and IP address. Additional information on personal information accessed by Cameyo can found at https://helpcenter.cameyo.com/support/solutions/articles/80000212561-personal-information-accessed-by-cameyo.
Data Encryption
With Cameyo, all information is encrypted using transparent data encryption. It is protected using Azure Defender for SQL and Azure SQL Auditing, and is only accessible to Cameyo’s portal servers (IP white-listing). Additional information can be found at https://helpcenter.cameyo.com/support/solutions/articles/80000212608-user-information-privacy-and-database-protection.
So if you find yourself in the situation where you need to enable remote or hybrid work for your people but you’re concerned by all of the recent stories highlighting ransomware and other security issues, please give us a call. Cameyo isn’t here to make remote & hybrid work “less risky” – we’re here to make it more secure than ever. We’d be happy to show you a demo of how we can help secure your environment against ransomware, brute force, and other attacks. Or you can get started with your own free trial here.