Testing Remotely with Secura's Remote Access Device (RAD)
Secura provides Remote Access Devices (RAD) to support the continuation of testing remotely.
In order to be able to perform on-site security tests remotely, Secura can provide customers with a Remote Access Device (RAD). Originally developed by Secura for use in Red Teaming assignments, these devices allow our testers to access internal networks, using them as highly secured ‘stepping stone’ servers to extract crown jewels during Red Teaming Assessments. Using this device allows us to continue working when physical access to customer premises is restricted.
In order to gain access to the environment for testing purposes, we will provide a preconfigured device with a power supply that should be connected to the relevant part of the customer network. If that network part has no internet access, the unit will be equipped with a 4G dongle and SIM-card. If 4G is used, then sufficient onsite 4G coverage must be sufficient.
The unit is pre-configured to minimize the effort needed by the customer to install the device. By using this device Secura will be able to perform on-site tests remotely with minimal impact to customer operations.
As a security company, Secura realizes as no other that the (temporary) placement of such a device in the infrastructure of our clients implies an additional security risk that needs to be managed. For this reason we have implemented many security measures, such as using a data at rest and in transit encryption using strong encryption, remote access based on certificates, strict device hardening, logging of all actions on the RAD and procedures for safe use.
We can support customers' staff in installing the device using video conferencing or other methods. For additional assurance, Secura allows monitoring by customers of all activities of the testers. And of course, the device remains under control of the customer at all times and can be switched off and/or disconnected of the network when not in use. These measures make sure that no other parties can abuse the remote access facilities, as they are not accessible over internet.
Secura requires the following for secure use of the RAD:
- An ethernet port (including 802.1x credentials if relevant)
- DHCP access or preconfigured IP address
- Internet proxy access (or 4G coverage)
- A power outlet
Obviously, after the tests have been completed, the devices should be removed and returned to Secura in the provided return box.
If you have any questions regarding the RAD solution, please contact firstname.lastname@example.org.