Remote access for church institutions
The necessity to flexibilize working hours and work locations while reducing costs is no longer just a matter of private economy, it also concerns churches and social organizations. It is therefore essential for such organizations to provide a remote access to data and applications. Appropriate technologies match even the highest requirements of data protection and data security.
Caregivers are required to write accurate patient care reports after care work. Instead of returning to the care facility, it would be clearly easier for them to write them at home in the evening. Not only would this contribute to enhance the motivation and commitment of employees, it would also distinctly reduce their travel expenses. Operations managers often have to update working schedules and route plans because of emergencies and unexpected occurrences. Operations managers and caregivers therefore need a quick and flexible access to the administrative systems of their care facility. For budget reasons, it is reasonable to allow the use of private PCs – under consideration of data protection and data security requirements of course, and without burdening the IT infrastructure.
Access to registration data for pastors and staff is subject to particularly high requirements. It is hence necessary to ensure that unauthorized third parties have no access to any related information. Also, some volunteers assume administrative tasks too and consequently need access to the relevant systems.
To support families and retain experienced employees, mothers-to-be and parents with small children should be given the opportunity to reconcile family and career. When the strict separation of business from private usage is warranted, any home PC may be used without security concerns.
Preschools and schools
For educators and teachers, access to administrative systems needs appropriate safety measures as development or school reports contain particularly sensitive data. If a PC is also used to surf the internet, the access to illegal or age-inappropriate contents must be restricted.
Alliances of organizations
For reasons of streamlining, more and more organizations are subordinated to a central administration. Depending on the size of an organization, inter-site networking or the integration of single PCs may be recommendable. To ensure the most efficient administration, it is important that all systems are centrally manageable.
The right solutions for any requirement
Different requirements need different solutions. The use of ECOS technology allows you to combine various methods under a central management.
Easy two-factor authentication
For access to sensitive data such as registration data, internal procedures or IT systems we recommend the use of ECOS SECURE BOOT STICK (SBS). Once the boot stick plugged in, the PC starts within a specially hardened ECOS Secure Linux environment. The local hard disk and its operating system stay deactivated, no virus or Trojan can therefore be activated. ECOS SECURE BOOT STICK is also part of a two-factor authentication, only the combination of username, password and personal stick allows to access the internal infrastructure. After successful authentication and depending on the requirements an ICA, RDP, VMware View client or a browser will be called up. Data and applications will then be available just as usual. ECOS SECURE BOOT STICK ensures a hundred percent separation between the official usage of a PC and usage for other purposes. Residual files or spying on data through Trojans are excluded. Additionally, an integrated firewall prevents attacks from the same network. ECOS AUTHENTICATION CONTROLL APPLIANCE (ACA) is a virtual OTP appliance conceived to both act as an authentication server, and issue and deliver one-time passwords via SMS. As no further software must be installed or executed on the end-user device, this procedure is suitable for any PC, tablet or smartphone.
A safe and flexible access
In order to work with applications requiring a higher security level such as planning systems, administrative systems or care record systems, we recommend in addition to the two-factor-authentication to execute the client software within a protected environment. ECOS MOBILE OFFICE STICK can be used with any PC or Mac and contains all software required to set up a secure VPN tunnel as well as the relevant clients for access to Citrix, Microsoft Terminal Server, VMware View or web applications. All applications are executed within an isolated sandbox. ECOS MOBILE OFFICE STICK is also part of a two-factor authentication and therefore prevents from unauthorized access. It can be used with any PC or Mac, requires no prior installation, configuration or administrator permission and leaves no traces on the used device.
Ad-hoc access via browser
For users who only need an ad-hoc access to data or applications, we recommend the usage of ECOS VIRTUAL WEB CLIENT (VWC). A VPN client and, depending on the requirements, either an ICA, RDP, VMware View client or a browser of a particular version will be loaded through a standard browser. The software is automatically executed in a sandbox, so no prior installation or configuration work is necessary. A two-factor authentication by SMS or OTP token is supported for logon. The licensing of ECOS VIRTUAL WEB CLIENT can also be effectuated either for named or for concurrent users. ECOS VIRTUAL WEB CLIENT thus also acts as fallback in case a user should have forgotten his ECOS stick. Different access permissions for users can be assigned through gradual permission settings according to whether they use ECOS SECURE BOOT STICK or ECOS VIRTUAL WEB CLIENT.
Highly secure access
For access to sensitive data such as registration data, internal procedures or IT systems, we recommend the use of ECOS SECURE BOOT STICK (SBS). Once the boot stick plugged in, the PC starts within a specially hardened ECOS Secure Linux environment. The local hard disk and its operating system stay deactivated, no virus or Trojan can therefore be activated. ECOS SECURE BOOT STICK is part of a two-factor authentication, Only the combination of username, password with the personal stick allows access to the internal infrastructure. After successful authentication and depending on the requirements, an ICA, RDP, VMware View client or a browser will be called up. Data and applications will then be made available as usual. ECOS SECURE BOOT STICK ensures a hundred percent separation between official usage of a PC and usage for other purposes. Residual files or spying on data through Trojans are excluded. Additionally, an integrated firewall prevents attacks from the same network.
All ECOS access components are administrated through ECOS SYSTEM MANAGEMENT APPLIANCE (SMA), a central user and permission management. Access permissions can thus be updated remotely and even revoked, for example in case a user hasn’t yet activated his stick. In case of loss of a stick, or when an employee leaves the company, the access can be locked and the corresponding license assigned to a new stick.