Scorpion Software Corp

Windows Small Business Server 2003 (SBS) is designed for small businesses. It is designed to work with existing technology, build on Microsoft best practices, and delivers a comprehensive network at an affordable price. It is a very powerful platform that offers staff the ability to increase their productivity by accessing company resources remotely. With increased remote access comes new risk, which is where Scorpion Software comes in. We offer strong authentication solutions that can help provide identity assurance and allows you to definitively prove with confidence that when someone tried to remotely access your company's resources, they are who they say they are.

Continue reading to see how AuthAnvil and RWWGuard can help you gain the confidence you need to offer remote access to increase productivity while maintaining security.

Protect Remote Web Workplace (RWW)

Be it from software trojans with keyloggers to shoulder surfing baddies in the local Internet Cafe or web kiosk, a password alone is not much protection. If you have remote users using RWW from untrusted sources, real threats exist that may expose your business to new unnecessary risk. No security tools native to SBS or RWW can protect from these risks, including the "I'm using a public or shared computer" checkbox that many people think will protect them. If an adversary can get a user's credentials, they can access every resource that user can access... without you being the wiser.

This sort of risk can be reduced to more acceptable levels with the introduction of RWWGuard. This agent adds an identity assurance check directly to the RWW logon page, requiring users to enter in a unique passcode that changes each time it is used. In this way, even if someone was able to covertly capture logon information, it will be useless to them without our AuthAnvil dynamic one time password (OTP) generator, commonly called an "authentication token".  Below is a picture of what RWWGuard looks like.

You do not have to force all users to require an AuthAnvil token. This helps to reduce your deployment costs by only requiring those users at higher risk such as remote sales people in the field and telecommuters to use strong authentication. Other users will continue to use RWW like they did before. And you can even restrict access to Outlook Web Access, requiring remote users to enter through RWWGuard before they can check email, search the contact list, review shared calendars or access files with shared folders.  

Secure Terminal Services

When employees or partners need to access Microsoft Windows clients and servers they will log on directly at the keyboard, through Terminal Services or through a direct RDP session. Replacing Microsoft’s Windows Logon, AuthAnvil provides a dialog challenging the user for their Active Directory credentials and their AuthAnvil passcode for that logon session. When a user attempts to log in their passcode is sent to the AuthAnvil Strong Authentication Server (SAS) for authentication. If accepted, AuthAnvil then transfers the request back to the Windows security subsystem, which then attempts to authenticate the user against their domain credentials.

This lets users securely access Windows XP and Windows Vista desktops or Windows Server 2003 and 2008 servers from anywhere, at any time, when they need it most to do work remotely. It can even protect the Small Business Server itself, only allowing appropriate administrators the access they need to administer and manage the server from anywhere in the world. All with the benefit of knowing, with confidence, that the person connecting up is an authorized user and not someone who has received a password that was shared, stolen or easily guessed.