pg_hdr
Sevan Networks Logo Identity Authentication for Web Security
home solutions products white papers about us

Restricting Access to Specific Computers

It is cost effective to outsource some functions to contractors. Call centers and help centers are common examples of this practice. In some instances you must provide the agents with selective access to customer account information or other sensitive information. You must ensure that the agents access the information only while performing their duties. If you provide the agents with passwords to access the customer information, how do you keep them from using the passwords for non-work access?

The common solution today is to use some form of a “VPN” to control the use of the passwords. This can be as strong as a closed, physical network or as simple as IP source address filtering. The closed physical networks are expensive. Filtering of IP addresses is weak (easy to a spoof source address) as well as rigid, since it does not allow changes in the contractor's network.

Sevan's Web Subscriber Authentication provides a strong, yet flexible mechanism for restricting access to specific computers. When you install a WSA between the contractor and your sensitive information, the WSA will authenticate the agents before allowing them access to your sensitive information. Since the WSA uses a certificate to authenticate the agent, the authentication is really tied to the computer at the call center. Therefore, the agent cannot access your sensitive information from other other computers.

The WSA makes it very simple to set up this certificate-based access control.

  • Your administrator specifies which sensitive information can be accessed and sets up one or more enrollment accounts.

  • The enrollment names and passwords are given to a trusted person (either your employee or the contractor's employee)

  • This trusted person attempts to access your sensitive information from the contractor's computers. The WSA generates and downloads a certificate into the computers and enrolls the certificates (assuming the user knows the valid enrollment passwords).

  • The WSA allow access your sensitive information only if the access is coming from a computer with an enrolled certificate.

 
Copyright 2002-2009 Sevan Networks, Inc. All Rights Reservedd