I'm looking for suggestions on how to securely allow administrative employees to log into a government website for managing taxes and sensitive information. We need to use the company's admin login credentials, and the employees will be working remotely. We log in using an Italian digital identity card, which can be either a physical card with a USB reader or an app that sends a notification to approve access. I'm considering setting up a remote desktop host machine in our office with the ID reader connected. What are the best IT solutions to monitor user activity effectively while they operate? Any thoughts on software that can record activity while the mouse is in use?
3 Answers
You might want to look into a Privileged Access Workstation (PAW). Depending on how much control you need over the multi-factor authentication (MFA) token for the government site, using Azure Virtual Desktop or Windows 365 can help manage remote sessions securely with your ID reader in place.
A practical method is to provide remote access to a secure office system where you can enable activity logs and monitoring features. This way, you'll have complete control over access and can audit employee actions. Make sure to check if your remote setup allows these features.
For situations like this, implementing SASE (Secure Access Service Edge) with a Zero Trust architecture and a Cloud Access Security Broker (CASB) can enhance your security significantly. This setup allows secure remote access while keeping sensitive data protected. It's ideal for remote interactions like the one you're facing.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures