About the Cedar Path Secure Support Tunnel
Cedar Path support personnel use a secure screen sharing application to access a remote computer on an as-needed or as-requested basis.This tunnel allows Cedar Path to remotely diagnose, troubleshoot, and correct many common issues.
Cedar Path uses three primary mechanisms to secure all customer data and transactions:
- All traffic is encrypted using industry-standard SSL browser encryption (the “https” in the URL). Any user accessing the site using a non-encrypted (http) URL is automatically redirected to SSL. This keeps all packets transmitted secure and confidential.
- When a Cedar Path support person logs into the system, they use Microsoft’s Windows Active Directory (AD) for username/password authentication. AD uses Kerberos Authentication, providing a secure method of allowing or denying user access. Only personnel responsible for providing support are allowed to login into the support service.
- After a user’s username and password are successfully entered, and the user has the rights to access the support tunnel content, an additional challenge is presented. This Multi-Factor Authentication (MFA) uses a One-Time Password (OTP) to provide an additional level of securing and authenticating the user. The OTP mechanism deployed by Cedar Path is Google Authenticator,
In addition to these precautions, we use Microsoft’s Internet Information Server (IIS) as a front-end to our support services server. Since the support services server is a remote server, completely separate from the IIS, IIS acts as a buffer, only allowing encrypted packets to reach the support server. Further, our firewall refuses packets from most foreign countries, using a geo-location filter to determine the packet’s origin. This, along with other firewall features, significantly reduces attack attempts on our system.
Keeping our customer’s information secure is a primary concern at Cedar Path, and one that we take very seriously. Rest assured that we do everything possible to keep information safe and secure.