Remote Access of the Future: Secure Remote Access Solution by SSI SCHAEFER Ensures Maximum Security and Availability

• Secure remote access concept enables secure remote access for maintenance and support

• Comprehensive control with virtual desktop infrastructure, two-factor authentication and Privileged Remote Access 

• Transparent security solution for adherence to compliance requirements and rules 

Protecting networks, securing systems

Automated processes enable companies in intralogistics enormous gains in efficiency. However, digitalization also involves risks: Cyberattacks are on the rise and, in the worst case, can lead to costly downtimes. In order to prevent this, secure networks are essential. System operators are also legally obligated, for example by the new NIS2 Directive and industry-specific compliance regulations, to secure their systems accordingly and make them transparent.

Classic remote access solutions like virtual private networks (VPNs) reach their limits here. For this reason, SSI SCHAEFER developed a new secure remote access concept, which meets the highest security requirements. Comprehensive identity and access management reliably protects data and ensures compliance with legal requirements. The new solution gives service teams privileged remote access while providing transparency for customers – thereby taking not only information security, but also system availability to a whole new level.

The next level of information security

Site-to-site VPNs offer a good deal of security, but reach their limits when it comes to transparency and access control. Whether it is theft of access data, outdated software or compromises in the supply chain – the security risks are manifold. With the help of a new category of remote access solutions, these can be minimized in the future: The Remote Privileged Access Management (RPAM) can reduce risk exposure by up to 50%, according to forecasts by the Gartner market research institute¹.

RPAM connects a clearly verified identity with strictly controlled access to precisely defined applications or systems. At the same time, the respective end device is checked for compliance with security standards before access is granted, for example with regard to patch level, active virus protection or system configuration. This ensures that only authorized persons with trusted devices can access critical systems – in a fully traceable and temporary manner. This innovative approach is also being used by SSI SCHAEFER for their new secure remote access solution, which enables the intralogistics expert to provide even more secure and flexible customer service.

Secure remote access: New concept by SSI SCHAEFER 

“In contrast to the usual VPN solutions, which, if inadequately configured and lacking segmentation, may allow access to the entire corporate network, our secure remote access offers granular control,” Admir Sipic, VP Global Head Remote Services at SSI SCHAEFER, explains. The connection is established via a centrally hosted, repeatedly secured virtual desktop infrastructure (VDI) including two-factor authentication. The VDI instances are configured uniformly, isolated at the network end and enable targeted remote access to the relevant customer systems – such as for installations, configurations or maintenance.

The supplementary Remote Privileged Access Management strictly regulates access to sensitive systems and data in accordance with the zero-trust principle. Whether it is internal technicians, administrators or external service providers: Only verified identities get access – and only to clearly defined resources, limited to the required minimum. All connections are seamlessly documented and continuously monitored. “In this way, we optimize the information security, create maximum transparency and remain operational at all times,” according to Admir Sipic.

Secure support for optimum availability

When developing the new secure remote access solution, one thing was clear to SSI SCHAEFER: In the event of a malfunction, the connection to the customer must not become a bottleneck. Therefore, a central, hardened and monitored cloud environment was created with the Secure Maintenance Environment, which combines all the components necessary for secure remote maintenance. It is available worldwide and across the entire corporate structure and is not tied to a fixed location – a decisive factor for fast response times. In combination with a redundant system architecture, the solution enables efficient, consistently secured remote support. 

Full access control and transparency

The secure remote access concept by SSI SCHAEFER offers companies further advantages through comprehensive monitoring and reporting. Because: Whoever fully controls data access, not only meets legal requirements, but also forms the basis for taking out corresponding insurance policies. At the same time, the complete documentation of all accesses enables clear traceability. 

“A site-to-site VPN solution is not unsafe per se – but remains a black box,” Admir Sipic emphasizes. “The connection can be secured, but it is not transparent what exactly happens within the session and what data is transmitted. Our new solution provides much greater clarity in this area, thereby reducing both legal and operational risks.”

Highest standards, flexibly and intelligently implemented

Automation solutions in intralogistics are complex and place high demands on information security, not least due to applicable standards and guidelines. In order to meet these demands, SSI SCHAEFER intensively tested their secure remote access solution in several proofs of concept over several months. The result is a flexibly adaptable security concept, which integrates itself seamlessly in existing processes and meets industry-specific requirements. A central principle here: SSI SCHAEFER then only gets access to a customer system if this is mandatory, made approved by the customer and explicitly requested.

Securely networked – today and in the future

With the new secure remote access solution, SSI SCHAEFER provides a future-proof approach for remote access in intralogistics. The combination of granular access control, the zero-trust principle and centrally hosted infrastructure meets the highest security requirements and can be flexibly adapted to individual customer requirements. This minimizes the risk associated with remote maintenance activities – without compromising user-friendliness or response speed. This enables companies to adhere to all compliance requirements while benefiting from more efficient processes and maximum system availability.

About the author:

Admir Sipic graduated from the “Höhere Technische Lehranstalt (HTL) Graz” with a specialization in Computer Engineering, then completed his Bachelor's degree (BSc) in Industrial Management/Industrial Economics in Kapfenberg. In 2010, he started his career at SSI SCHAEFER in Remote Support in the Customer Services business unit as an IT technician in Graz, and five years later took over responsibility for the entire department as Head of Remote Support in Graz. Since 2020, Admir Sipic has been responsible for Remote Service on a global level and holds the job title VP Global Head Remote Services at SSI SCHAEFER.

¹ Source: Gartner, Securing Remote Privileged Access Management Through RPAM Tools, Abhyuday Data, Felix Gaehtgens, Michael Kelley, 28 December 2023, Securing Remote Privileged Access Management Through RPAM Tools