Secure data from a server to a workstation using jumper hosts
- by apalsson
Hello.
I have a WWW server. My problem is that the content is sensitive and should not be accessible to people without proper credentials.
How can I improve the ease of use but still maintain security in the following scenario?
The Server is accessed through a "jumper host", i.e. the client connects to the jumper using a VPN connection and uses RemoteDesktop to access the jumper.
From the jumper he uses RemoteDesktop again to access the Server.
Finally on the Server the user can access content using a WWW-browser.
Every step from the VPN client to the WWW browser requires authentication using a SmartCard token.
This seems quite secure to me.
Content only gets mirrored on the RemoteDesktop between Server and jumper, so there are no cached files to worry about. The connection between jumper and client is protected using VPN (SSL), so no eavesdropping.
But it is quite cumbersome for the clients, with many steps and connections to open. :(
So, how can I improve the user experience accessing my server without compromising security?
Thanks.