Jump Access by basis.no
Zero-Trust Access for Legacy Applications
How to Mitigate Legacy Application Risks?
Jump Access by basis.no is the solution for modernizing your Remote access methods. It immediately hardens security around legacy applications, such as SAP GUI, while simultaneously giving you the freedom to move away from outdated Virtual Desktop Infrastructure (VDI) platforms like Citrix.
​
Jump Access by basis.no - Two alternatives
.png)
Alternative 1
Jump Access by basis.no
Authentication proxy
.png)
The Authentication Proxy: How it Secures Legacy Access
The Authentication Proxy acts as a robust digital bodyguard for your backend web application, forcing attackers to clear a high-security hurdle before they can even attempt an exploit.
Security Benefits (Protection)
Mandatory Authentication for All Traffic:
- To reach the backend web application, all HTTP requests must first pass through the Authentication Proxy and include a valid authentication token in the HTTP header.
Blocks Brute Force and Exploits:
- This step prevents attackers from performing common attacks, such as brute-force login attempts or exploiting known application vulnerabilities, because they cannot send attack traffic to the application until they are successfully authenticated.
Access & Deployment (Usability)
No Client Software Required:
- Users do not need to install any extra software on their computers to use the proxy.
Leverages Customer Identity:
- The system integrates seamlessly with the customer's existing cloud infrastructure (like Microsoft Entra ID, Google Workspace, or Okta) for user management and authentication via the OpenID Connect standard.
Flexible Access:
- Exceptions can be configured to allow specific paths or URLs to be exposed without the authentication requirement, if the business needs it.
Alternative 2
Jump Access by basis.no
Sandboxing with
in-browser RDP
A Fully Isolated Workspace
This solution extends our Authentication Proxy with in-browser RDP to deliver a complete, highly secure workspace experience that is simple for the user and controlled by IT.
​
Integrated Security:
- It starts with the Authentication Proxy, meaning every user session requires a valid security token before accessing the sandboxed environment.
​Containment:
- By delivering a limited remote desktop in the browser, the solution ensures the legacy application and all its data are physically contained on our secure servers. Your client device only receives screen images.
Granular Control:
- IT maintains control over data exchange, with optional features like file transfer and text copy/paste between the client and the remote desktop.
Complete Visibility:
- Session recording can be activated for every user session, allowing for full auditing of application usage.
Flexible Platform:
- The default environment is a secure Linux desktop with a browser and standard applications (e.g., SAPGUI), but we can deploy a Windows desktop for unique needs (requires separate licensing).