Secure Remote Access for Smart Infrastructure: A Case Study for Telephony Systems

Secure remote access to PBX systems (telephony) is like a tricky puzzle. You need to protect your data, your devices, your network and allow all users remote and secure access.
Recognizing this, AGFEO wanted to provide their service partners, end users and internal support staff with a secure way to access their telephony systems.

IoT in the real world: Agfeo – Telephony Systems

In this series of posts, we will take you on a journey through IoT in the real world and how we have built a secure, simple, customizable and scalable remote access solution for all AGFEO TELEPHONE AND COMMUNICATION SYSTEM users.

Secure Remote Access for Smart Infrastructure - Infographic Shows IOT Remote Access to PBX Systems
Remote Access to PBX Systems – Fine grained access control for data security and privacy 


GOAL: To provide a seamless and secure authentication and authorization system for all users and devices by integrating REMOTE with the AGFEO support portal:

  • to validate logins (password) 
  • access rights and 
  • manage user accounts. REMOTE allows AGFEO Support to access end-user devices in a secure and convenient way, with the end-user’s consent.

  • We connected the REMOTE server to AGFEO’s LDAP database, which contains all account data for service partners (retailers).
  • We allowed service partners to add their own user accounts in REMOTE (but not in LDAP) in order to manage their own IoT devices and customers.
  • We used REMOTE’s fine grained access control – flexible authentication and authorization system to validate logins and access rights based on LDAP data.
  • We enabled service partners and end users to grant or revoke access to AGFEO support directly from their AGFEO dashboard, with a simple click of a button.

Flexible and scalable user management

User accounts can be managed by a privileged user, called a tenant. Using tenants in REMOTE, service partners can add their own user accounts to manage their own equipment and customers, without affecting the AGFEO database. This feature provides flexibility and scalability for user management, as well as security and isolation for different tenants.

Seamless and secure authentication and authorization

In order to make remote access easy and secure for all users and devices, we have integrated REMOTE with all AGFEO accounts for service partners and end users. REMOTE has a flexible multi factor authentication and authorization system based on permissions and roles. The authorization and authentication system controls which devices can be accessed and which actions can be performed by each user.

We understand that end users or service partners may not want to give the AGFEO support team permanent access to their devices, especially if they are not experiencing any problems. That’s why we’ve made it easy for them to control when and how the AGFEO support team can access their devices.

With REMOTE, service partners and end users can grant or deny access to the AGFEO support team directly from their AGFEO dashboard, with a simple click of a button. In this way, they can decide when they need AGFEO support and when they want to keep their devices private. This feature ensures that everyone’s privacy is respected and that trust is maintained between all parties involved.

Check out our other Case Study: Telephony Systems Posts and get information on:

Remote IoT device access behind a firewall is now easier than ever!

  • Made in EU
  • Open source SDK and device agent
  • Self-hosted (on-prem or any cloud provider)
  • Customize and integrate into your environment
  • Pay only for what you use
  • Powerful and resource efficient
  • Access and control more than 100,000 devices
  • Zero direct attack possibility
  • Fine grained access control
  • Multi factor authentication

Tagged , , ,