Cameyo Introduces Secure Cloud Tunneling to Further Reduce the Attack Surface for Remote/Hybrid Work
Cameyo, the company that provides simple and secure Virtual Application Delivery (VAD) for any Digital Workspace, today announced Secure Cloud Tunneling, a new technology that provides greater protection for organizations enabling remote & hybrid work by eliminating the need to open ports in their firewall - a practice that can increase exposure to hackers and ransomware. Cameyo's Secure Cloud Tunneling expands upon its native Zero Trust security architecture and continues Cameyo's tradition of providing the most secure access to business-critical applications on any device while reducing the attack surface for any organization with remote & hybrid workers.
Secure Cloud Tunneling bridges the gap between the competing needs of today’s IT and security teams. IT teams need to move quickly to enable remote & hybrid productivity in a rapidly changing workplace, but security teams need to be more methodical to ensure heightened security for a remote & hybrid workforce that is increasingly under attack. Secure Cloud Tunneling provides the best of both worlds, giving IT teams the ability to be nimble without requiring security teams to make any compromises for remote technologies.
In addition to today's product news, Cameyo announced it has achieved ISO 27001 Certification, the world's most prestigious Information Security Management System (ISMS) certification, demonstrating the company's commitment to the highest level of data privacy, compliance, and security.
“Remote and hybrid work has led to a surge in ransomware that aims to take advantage of vulnerabilities in today’s remote access technologies,” said Mark Bowker, Senior Analyst at Enterprise Strategy Group (ESG). “It’s no longer enough just to enable remote access - organizations must now enable secure remote productivity. But many legacy systems require organizations to open ports in their firewall or VPN, increasing the attack surface. Cameyo is committed to delivering Zero Trust security at its core, and Secure Cloud Tunneling is another valuable innovation that further protects Cameyo customers from today’s biggest threats.”
“We rely on Cameyo to provide an ultra-simple and productive remote & hybrid work experience for our people, and Cameyo’s deep security capabilities were an important reason why we selected the platform to begin with,” said Emir Saffar, CIO at Ur&Penn. “Cameyo’s new Secure Cloud Tunneling technology illustrates Cameyo’s continued commitment to new innovations that will provide our employees with even more secure access to their applications from anywhere and on any device. The fact that Cameyo eliminates the need for VPNs is very attractive."
Combatting the Surge in Ransomware
Security firm Kaspersky reports that from 2019 to 2020 there was a 767% increase in ransomware, while Check Point 2021 Cyber Attack Trends mid-year report shows another 93% increase from those elevated numbers in the first six months of 2021. And research from Palo Alto Networks shows that Remote Desktop Protocol (RDP) has been the primary attack vector in 50% of all ransomware attacks since 2018.
The issue is that legacy remote access technologies like RDP were born in an era of implicit trust - users are either all the way in, or all the way out. These technologies require organizations to either open up ports in their firewall to give people access or to put everything behind a VPN, with both scenarios introducing significant security risks. Cameyo’s Cloud Tunneling uniquely solves these issues by enabling organizations to securely deliver apps outside the corporate network without opening ports in the firewall and eliminating the need for VPNs.
Native Zero Trust
“For a solution to provide true Zero Trust security, Zero Trust must be foundational and systemic,” said Eyal Dotan, Founder and CTO of Cameyo. “Cameyo was designed from day one as a native Zero Trust system where all security capabilities are baked into the core of the platform, never treated as an additional or optional layer.”
In addition to Secure Cloud Tunneling, Cameyo’s single Zero Trust security architecture includes:
Device Access Control - Cameyo never trusts any device (even managed devices) because those devices can be compromised. Cameyo gives users secure access to the apps they need to be productive while providing complete isolation between devices and their organization’s network/data.
Segmentation - Even once users are in a session, Cameyo segments that session from customers’ networks and data to ensure ongoing separation.
Prevention of Lateral Movement - Even in the case where a device has ransomware or malware, that malware cannot reach the customer organization’s network/data, nor can malware on their systems reach the Cameyo system.
Always-On Monitoring & Validation - Cameyo utilizes non-persistent servers, so all customer user data is wiped from the Cameyo server every time the user logs out.
Least Privilege - With Cameyo all traffic is encrypted and apps are delivered from a secure HTML5 browser, separating the user's device from the corporate network and eliminating the need for VPNs. Cameyo also utilizes Windows Terminal Services and temporary user profiles, ensuring users are unable to access admin privileges, settings, and files.
Identity & Access Management - Cameyo integrates with the customer’s Single Sign-On (SSO) provider of choice, and the Multi-Factor Authentication (MFA) they have set up with their SSO applies to Cameyo.
ISO 27001 Certification
In addition to Cameyo’s continued commitment to delivering the most secure access to applications from any device, the company’s ISO 27001 certification also highlights the company’s commitment to information security. This certification was achieved after an extensive third-party audit and evaluation of Cameyo's systems, processes, and platform confirmed that Cameyo meets the highest standards when it comes to establishing, implementing, maintaining, and improving its information security at all levels. Maintaining ISO 27001 certification requires an ongoing audit cycle that will ensure Cameyo's ISMS continues to meet the highest standards.
Availability & Pricing
Cameyo’s Secure Cloud Tunneling capabilities are available today for all customers. With Cameyo’s Zero Trust architecture, security is never an optional add-on. Like all of Cameyo's security capabilities, Secure Cloud Tunneling is built into the core of the platform and is available immediately to all Cameyo customers at no additional cost.