Secure Remote Access for Smart Infrastructure: A Case Study for Telephony Systems
Secure remote access to PBX systems (telephony) is like a tricky puzzle. You need to protect your data, your devices, your network and allow all users remote and secure access.
Recognizing this, AGFEO wanted to provide their service partners, end users and internal support staff with a secure way to access their telephony systems.
IoT in the real world: Agfeo – Telephony Systems
In this series of posts, we will take you on a journey through IoT in the real world and how we have built a secure, simple, customizable and scalable remote access solution for all AGFEO TELEPHONE AND COMMUNICATION SYSTEM users.
AGFEO SUPPORT PORTAL
GOAL: To provide a seamless and secure authentication and authorization system for all users and devices by integrating macchina.io REMOTE with the AGFEO support portal:
- to validate logins (password)
- access rights and
- manage user accounts.
Macchina.io REMOTE allows AGFEO Support to access end-user devices in a secure and convenient way, with the end-user’s consent.
SECURE REMOTE ACCESS with different user permissions
The benefits of fine grained access control for data security and privacy with macchina.io REMOTE:
What did we do?
- We connected the macchina.io REMOTE server to AGFEO’s LDAP database, which contains all account data for service partners (retailers).
- We allowed service partners to add their own user accounts in macchina.io REMOTE (but not in LDAP) in order to manage their own IoT devices and customers.
- We used macchina.io REMOTE’s fine grained access control – flexible authentication and authorization system to validate logins and access rights based on LDAP data.
- We enabled service partners and end users to grant or revoke access to AGFEO support directly from their AGFEO dashboard, with a simple click of a button.
Flexible and scalable user management
User accounts can be managed by a privileged user, called a tenant. Using tenants in macchina.io REMOTE, service partners can add their own user accounts to manage their own equipment and customers, without affecting the AGFEO database. This feature provides flexibility and scalability for user management, as well as security and isolation for different tenants.
Seamless and secure authentication and authorization
In order to make remote access easy and secure for all users and devices, we have integrated macchina.io REMOTE with all AGFEO accounts for service partners and end users.
macchina.io REMOTE has a flexible multi factor authentication and authorization system based on permissions and roles. The authorization and authentication system controls which devices can be accessed and which actions can be performed by each user.
We understand that end users or service partners may not want to give the AGFEO support team permanent access to their devices, especially if they are not experiencing any problems. That’s why we’ve made it easy for them to control when and how the AGFEO support team can access their devices.
With macchina.io REMOTE, service partners and end users can grant or deny access to the AGFEO support team directly from their AGFEO dashboard, with a simple click of a button. In this way, they can decide when they need AGFEO support and when they want to keep their devices private. This feature ensures that everyone’s privacy is respected and that trust is maintained between all parties involved.
No more stress about remote access security. Macchina.io REMOTE gives you a plug-and-play solution and a multi-factor authentication and authorization system for your next project.
Check out our other Case Study: Telephony Systems Posts and get information on:
FULL CONTROL OVER PBX SYSTEMS AND IOT DEVICES FROM ANYWHERE IN THE WORLD!
Remote IoT device access behind a firewall is now easier than ever!
- Made in EU
- Open source SDK and device agent
- Self-hosted (on-prem or any cloud provider)
- Customize and integrate into your environment
- Pay only for what you use
- Powerful and resource efficient
- Access and control more than 100,000 devices
- Zero direct attack possibility
- Fine grained access control
- Multi factor authentication