Background
Managing access to critical infrastructure has always been a challenge, moving to elastic cloud environments makes it even harder and more time critical. How to make sure that the right people get access to the right resources at the right time? At the same time companies and organizations are struggling with manpower and resources. They do not have the time and money to start large IT-projects and invest on maintenance heavy Privileged Access Management (PAM) solutions. Lately remote work has grown exponentially because of Covid-19, which makes the equation even more complex.
Solution
We have lean access management software for privileged users – PrivX. It has been available as an on-premise solution for a while. Customers have installed and maintained PrivX by themselves or with a partner. To make it even easier for customers we are introducing PrivX as a Service (SaaS) where we will run a PrivX instance on behalf of the customer. No installation or maintenance of the PrivX platform is needed.
In order to make things right we need feedback from real users. We were lucky to find Hanze University, as one of the pilot customers, to help us with that. They were starting a student project and our needs fit to their scope perfectly. They wanted to learn and test new technologies and we needed the feedback, it was a win-win. From the first call with Jos I felt that this is going to be great. Our needs were matching perfectly. They wanted to find a solution for their access management problem, we wanted the feedback.
After Introducing PrivX in an online meeting the students created the scope (use cases) for the project and got right to work. Within three weeks the students (Swen, Justin, Niels and Robbert) managed to integrate PrivX SaaS into their environment and learn how and what can be done with PrivX in a self-study manner.
Whenever people who are working on projects, are hired to do a task for another company, get a promotion and gain new access privileges, or maybe got a demotion, need to gain access based on their role to be able to work. For many companies this is a tough task, because the IT department needs to do this manually. Providing people the right access based on the work they are doing, takes a large amount of time. In some cases this could easily take around 2 weeks. This is unacceptable, because time is money.
-- extract from final report --
The most time-consuming part before starting the actual testing was to have access to existing infrastructure and create a test environment before the actual work could start. Lockdown caused by Covid-19 had an impact on the project as well. Students needed to work remotely using online tools for communication and I was happily surprised how well things worked out. Students presented their feedback and final report to our SaaS team in an online meeting.
So for our final recommendation, we would highly recommend companies/organisations who face the same struggle as the DSH does to consider PrivX SaaS as a solution. While working on this project we encountered next to no struggles with this product, and we would not mind working with it in the future. As for the few limitations, we are confident SSH will work on fixing them in the future.
- PrivX SaaS is a satisfying product
- Easy to set up
- Easy to get used to
-- extract from final report --
"The students and I were really pleased with the opportunity to actually work in this way with you and your company. I would like to thank you again for the pleasant co-operation." Jos Bos
We both felt that the project was a huge success and I personally enjoyed working with these four highly motivated students. So, thanks to Jos (professor), Swen, Justin, Niels and Robbert!
Learn more about PrivX: The product that is a great alternative to VPNs or jump hosts, can be set up remotely and requires virtually no maintenance.
Links to student profiles:
- Swen Bergsma: https://www.linkedin.com/in/swen-bergsma-56b71a133/
- Robbert Tamminga: https://www.linkedin.com/in/robbert-tamminga-668343171/
- Niels de Vries: https://www.linkedin.com/in/niels-de-vries-613557199/
- Justin Boxem: https://www.linkedin.com/in/justin-boxem/
PS. This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 881221.
