Skip to content

Ensuring secure remote access at Hospital del Mar

The Hospital del Mar is a hospital in Barcelona (Spain) with more than 4,000 employees that is part of the group Parc de Salut Mar. This organisation is located on the Barcelona coast and brings together one of the city’s most dynamic health education, knowledge and research centers.

At the end of 2019, they started looking for a secure solution to replace their current remote access setup, and they found Awingu!

Hospital Del Mar Birds View
The Hospital del Mar is one of Barcelona’s largest healthcare institutions.

Punctual remote access and the impact of the pandemic

In 2019, Hospital del Mar used several solutions to be able to give remote access to virtual applications and desktops to a specific group of employees in an exceptional way. They needed a tool that would make this external access more secure, since the current solution did not respond to all of their needs.

After doing market research, they concluded that Awingu was the solution that suited their needs the best, due to its simplicity and affordable price. Thanks to Awingu, the hospital was able to ensure remote access to a group of 50 users in a very simple way and without high costs.

With the arrival of the pandemic in March 2020, the need for remote access grew exponentially and the volume of users increased to 400. Hospital del Mar managed to do it in approximately one week, since the implementation and ‘roll-out’ were very simple.

With Awingu, Hospital del Mar could fulfill its main objective: to have a portal where professionals could connect and have access to all the necessary information and resources in an easy and secure way.

Simple solution for both users and administrators

Prior to the implementation of the Awingu solution, the Hospital’s professionals did not often work remotely, but rather on a very occasional basis. However, due to the pandemic, everything changed and for the hospital it was essential to adapt to this new reality allowing this safe and easy access.

The SSII department highly appreciates several of the many security capabilities that our product offers. One of the features that they are using the most today is two-factor authentication (MFA). Regarding this, Albert Márquez Colomé (SSII and Communications Director at Hospital del Mar) commented that: “We trust Awingu; It is a solution that gives us security.”

Not only the IT team is happy with the tool, but also the users. As Albert explains to us:

“Users adopted Awingu in a completely transparent way. The product is easy to use, secure and it meets our needs (access to applications and desktop). It just works.”
Albert Márquez Colomé
Albert Márquez Colomé
SSII and Communications Director, Hospital del Mar

Another most notable advantage for Hospital del Mar was the fact that they could use the smart card reader (‘Smartcards’) and be able to digitally sign documents while working in the workspace of Awingu. This option was added in one of the recent versions that came out of the product and was necessary for the hospital, so they are very happy that the product continues to evolve and that they listen to their customers.

Furthermore, working with Awingu gives your employees flexibility: they can easily access applications or desktops from any device, even using their personal one (‘BYOD’).

These personal devices are not managed by the hospital, but the IT team is reassured that the connections are taking place securely through Awingu.

This is another notable advantage for the IT team of Hospital del Mar, given that they did not have the resources to provide new devices to all staff and did not want to install VPNs on personal devices either:

“For example, if someone has a virus on their own laptop, we don’t want it to spread to the hospital network, so we avoid using VPNs. Using Awingu, we respond to the need for connectivity and avoid security problems”
Albert Márquez Colomé
Albert Márquez Colomé
SSII and Communications Director, Hospital del Mar


Use of Awingu in the future

Since Awingu is allowing the access to legacy applications, the IT team is working on implementing remote access to these through our software.

In general, Hospital del Mar likes the ease of installation and use of the product. In addition, the team thinks that the solution is very profitable: “it does what it should do for an adequate cost and we really believe in the product”, they explain.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Awingu
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple.

Awingu introduces version 5.3

August 16th 2022, Ghent (Belgium),– Today, Awingu (now part of Corel, home of Parallels) launches its new product release with Awingu version 5.3. As with every version, Awingu 5.3 brings enhancements in various domains:

  1. Security: HTTP headers updates
  2. Scaling: Installing against existing external database
  3. Various UX enhancements

Security: HTTP headers updates

Awingu is a solution that helps customers enable a Zero Trust secure remote access, and we therefore care deeply about our customers’ security. In line with security best practices, we’ve made improvements for HTTP headers:

  • Firstly, administrators can enable HTTP Strict Transport Security (HSTS) headers. This way, Awingu ensures that its users are always connecting over HTTPS. By enabling HSTS, administrators no longer need to redirect users from http:// to https:// URLs.
  • Secondly, the Content-Security-Policy header (CSP) is applied. By using this response header administrators can control the resources the user agent is allowed to load.

Installing against an existing external database

To make the work of Awingu admins easier and to expand the database options, Awingu 5.3 introduces innovations with regards to using external databases.

Already before version 5.3, Awingu created a backup of the internal database on a daily basis and stored that backup on the appliance. As an admin, you can retrieve this backup and save it on another system via SFTP. Awingu enhances the use of external databases for this functionality: the existing ‘database backup and restore’ functionality has been updated to ‘environment backup and restore’. This means that it’s now also possible to install Awingu against an existing external database or install (new) Awingu environments from an existing backup.

This enhancement not only enables additional disaster recovery scenarios but also allows moving your Awingu environment to a different network or hypervisor. Furthermore, this enables you to duplicate environments for testing or validation.

Various UX enhancements

Awingu 5.3 adds capabilities to improve the user experience in the workspace.

Improved clipboard functionality

Many customers are using the clipboard in Awingu daily during their working hours. Awingu allows copying and pasting content between applications – however, users often experienced limitations (copy/paste between a streamed app and local device, not being able to use system copy/paste actions, etc.) We heard the requests for improving the clipboard functionality, and we listened to your feedback.

In Awingu 5.3, the clipboard functionality for Chromium-based browsers (such as Chrome and Edge) is refined:

  • Copy/paste actions from the context menu work as expected
  • Copy/paste actions from all formats between streamed apps are possible
  • Copy/pasting between a streamed app and the local device now works with more formats:
    • Plain text
    • HTML
    • Rich Text Formatting (RTF)
    • PNG images

File page improvements

We’ve extended the selection capabilities in the workspace. More specifically, two new actions have been added as file page improvements:

53 1

You can now select all files, bookmarks, shares, or applications.

53 2

You can now clear the whole selection.

The selection can also be modified using the Control and Shift keyboard keys, as is the default in e.g. Windows Explorer.

Support for mouse buttons 4 and 5

Several users have more than 3 mouse buttons, and use these to navigate (e.g. page forward/backward in browsers). The mouse buttons 4 and 5 (side buttons) can now be used within remote applications.

mouse 4 5
Mouse buttons 4 and 5 are often found on the left side of the mouse.

New Remote Application Helper

In Awingu 4.1, Awingu introduced the Remote Application Helper to support the use of Smartcards. In the version 5.3, there is a new version of the Remote Application Helper available which contains important bug fixes. If your users are working with Smartcards and thus need the RAH, it is recommended to uninstall the previous version of the RAH before installing the new one to keep on working smoothly in the workspace.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Awingu
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple.

The Municipality of El Prat de Llobregat enables teleworking with Awingu

El Prat de Llobregat is a municipality in the province of Barcelona with a population of 65,000 inhabitants. The staff of the city council consists of 800 people, and in a first phase the Awingu workspace has been implemented to manage the telework of 50 of them.

Like most of the city councils, the one of el Prat de Llobregat had to implement new systems to cope with the need to telework due to the Covid-19 pandemic. In this case, like in many other city councils and companies, the process had to be done quickly and immediately, since the measures imposed by the Government required an imminent confinement.

ajuntament-del-prat-ciudad
El Prat de Llobregat is located in the province of Barcelona and is situated close to the city.

Remote access within municipalities

For the Municipality of El Prat de Llobregat, like many other public administrations, the digital signature is something necessary in their day-to-day work. The town hall had to make a rapid evolution to be able to provide access to the usual applications and digital signature remotely and securely.

“Using more traditional tactics like VPNs for example, is more complicated and not the best way to maintain high levels of security,” explains Adrián Russo Gallo, General Manager of Indigo, IT partner of the Municipality of Prat de Llobregat:

“You have to find out who is connecting and control the device that connects to the network. Nobody is prepared to suddenly have 800 users outside the organization, it’s very complicated to have all those laptops ready with Windows 10, a managed VPN and all the required security.”
adrian-russo
Adrián Russo Gallo
General Manager, Indigo

That is why, when the Municipality of Prat de Llobregat presented its need to Indigo, Awingu was one of the candidates for a proof of concept.

Adrián Russo Gallo had known Awingu for many years, he was aware of the potential and innovative nature of the solution, but the solution was still at an early stage at a commercial level and still lacked expansion at a business level. The product was released in 2014, and at that time the demand was not quite clear. However, there were small occasions the years before, where Awingu was one of the proposed solutions. “I would say that Awingu today is the benchmark for remote desktop solutions, remote applications, … in every aspect!”

Indigo did proofs of concept in which different solutions were assessed, including Awingu’s. During the tests, since they wanted to meet all the requirements proposed by the municipality, the other solutions were gradually discarded, leaving Awingu, in which they saw numerous advantages: from the most technological part to the adaptability, security, speed of implementation, simplicity, … and a very important factor: the cost, which provides sustainability in the future. After the successful POC, technology partner Indigo bought the Awingu licenses for the municipality via the Spanish distributor MCR.

Flexibility, simplicity, and cost-effectiveness as key benefits

From the implementer’s point of view, one of Awingu’s advantages is that it is an integrator, highlighting aspects such as adaptability, rapid implementation, and its intuitive nature. That allowed the municipality to integrate certain heavy solutions from different vendors very easily. With Awingu we found the perfect balance,” Adrian tells us.

Other advantages are the possibility of integration with Active Directory and MFA (multi-factor authentication), which is already included in the platform itself. They didn’t count on the latter, so they were grateful to have this added advantage: “It’s not that you have to integrate another MFA, because it’s already part of the product. However, if you want to integrate another one, you can do it too, because there is no impediment. Whatever you want, it fits – a great improvement!

Another important factor is that thanks to Awingu’s adaptability, the Municipality of El Prat de Llobregat was able to set up the solution on-premise. This flexibility was not available with other solutions and was very important for the town hall: “With other solutions it is extremely more expensive to be able to do it on premise. In terms of cloud solutions, maybe there’s not that much difference, but when we set up on premise, the difference is huge.”

Another critical point had been to be able to do the digital signature, which is so important in a public administration. Fortunately, it was also possible to do it within Awingu.

Also, we can’t forget, as mentioned by Joan de la Paz, SiTIC services responsible of the municipality, that entities different from the town halls (such as sport centers, manors, etc.) are normally managed by outsourced companies or enterprises under concession with their own IT infrastructures. In this scenario, Awingu has been the perfect gateway to keep the high levels of security and control requested by the client, giving connection between the different entities under concession and their IT policies.

The advantages of Awingu not only for municipalities, but also for private companies. “If they do a good study of the technical and economic feasibility and the implementation time, Awingu will be the clear winner,” explains Adrián.

Next steps with Awingu

“You can see that it is developed from the customer’s perspective, adapting to the customer’s needs, not the other way around as it happens in most solutions. You buy a solution and you’re waiting to see where we need to modify something, with Awingu it’s not like that: Everything is easy.”
adrian-russo
Adrián Russo Gallo
General Manager, Indigo

Users have certainly been very satisfied. Currently, the city council is in the first phase of implementation and will soon continue its deployment until it reaches 800 users.

Now, it is only used for teleworking, but later on, they are going to expand the project. It has been a change of philosophy and that took some time, because it is a big adaptation. Furthermore, usability has improved thanks to Awingu.

In conclusion, flexibility, speed of implementation and cost were the main reasons why Municipality of El Prat de Llobregat, together with the partner Indigo, chose Awingu to enable remote working within the public administration.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Awingu
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple.

Corel acquires Awingu, creating next-level remote access and workspace capabilities

I’m thrilled to announce that Canadian-based Corel has acquired Awingu. Awingu has experienced rapid growth over the last year as the global workforce embraces permanent remote and hybrid business models and this is a great time for the next chapter in our story. Awingu is known for its powerful simplicity, and is recognized as a Unified Workspace and Zero Trust solution by analysts such as Gartner and Forrester.

Corel is a leading provider of solutions that promote workplace creativity, productivity, and collaboration. It’s the home of Parallels, an award-winning virtualization and VDI solution that includes Parallels Remote Application Server (RAS) and Parallels Desktop. The acquisition of Awingu strengthens Corel’s ability to deliver a secure, productive remote workspace for its millions of users.

This is good news for our customers and partners! Joining forces with Corel doesn’t replace Awingu, but rather enhances its capabilities. We truly believe that Parallels and Awingu are complementary technologies that build on each other and are stronger together. The combination results in a unified product that leverages the unique strengths of both solutions and meets an urgent market need for remote access and workspace technology. It also gives Awingu technologists more access to R&D resources to further expand and enhance the Awingu offering in ways that may not have been possible before.

While the Awingu technology isn’t going anywhere, the Awingu brand will be replaced by the Parallels brand over time. As much as we loved and are proud of the Awingu brand, no longer will our Awingurus need to explain that Wingu is the Swahili word for cloud. The Awingu teams will stay in place and will gradually be combined with the Corel and Parallels teams. I am also pleased to announce that I’ll be joining the Corel team moving forward, and I’m excited about what the future holds for our combined companies.

This acquisition means that Awingu will be part of a larger organization with more scale in customer success, sales, marketing, product development and support. Our commercial leverage will grow significantly. Awingu has strong and growing coverage in EMEA, which will be extended by Parallels’ global channels and vice versa. This opens the door for even stronger proximity to customers and partners.

On behalf of the Awingu team, I want to say that I’m really looking forward to this new chapter. I wish to thank all Awingu partners and customers who have supported and trusted us. Our journey is only getting started!

We will continue to communicate to our partners and customers, as plans take more shape and operational realities start to change.

Warm Regards,

Walter Van Uytven, CEO Awingu

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Awingu
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple.

SAVIA enables its customers’ secure digital transformation with Awingu

Savia (Soluciones Avanzadas en Informática Aplicada) is a Spanish specialist provider of payroll and personnel management solutions for the public administration. More than 500 public organizations digitize and automate human resources administrative processes with their technology, gaining in efficiency and focusing on boosting talent and public performance. Their projects go beyond the technological aspect and put people at the center by accompanying them in the process of change to achieve the digital and cultural transformation of organizations.

Currently, Savia uses Awingu to facilitate their clients’ access to their cloud platform. They achieve this with a simpler, faster login and all framed in a single point accessible through a browser. In the past, they used RemoteApp or a remote desktop connection, which fell far short of Awingu, as Javier Prieto, Head of Marketing at Savia, explains. The key role played by our technology partner Claranet, working together with the Spanish distributor MCR, helped them to identify how Awingu could support them.

Digital transformation in public services
Public services have been digitizing at a rapid speed.
With Awingu, fast also means secure and scalable.

The digitization of public administration

One of the biggest problems for personnel departments is the excess of low-value tasks and the need for strategic focus. Technology and specialized services digitize all these administrative processes in their department, resulting in a change that is transferred to the entire organization.

The public sector has been accelerating its digitization exponentially, and employees play an essential role in that transition. HR teams are a driving force behind cultural and digital transformations and must be the first to internalize those changes and the new ways of working.

Therefore, Savia’s technological accompaniment, advice and support, in combination with Awingu, is contributing to the efficiency, digitization and improvement of the Public Administration, ultimately impacting on public service.

In search of a secure and easy solution

To facilitate this, Savia was looking for another solution to provide access to their users. This solution had to meet several requirements related to security, simplicity, and scalability:

  • Bringing greater security to their cloud services: isolating their solutions with an additional layer of security between the applications and the user.
  • Provide a less vulnerable form of access: Such as a remote desktop, which is more susceptible to certain threats.
  • Accessibility for your users: Allowing your solutions to be accessible regardless of architecture, OS, or device.
  • Scalability: Being able to scale resources based on demand.

They looked for a browser-based HTML5 solution and found Awingu among different alternatives. After testing, SAVIA quickly confirmed that Awingu matched its aforementioned needs:

“We saw that Awingu offered intuitive, fast and secure access. We chose it because it covered everything we needed. Awingu was the only solution that offered file management within a web environment in a very intuitive way”.
1516560888926
Javier Prieto
CMO, Savia

Today, Awingu is in a production environment providing access to solutions for more than 200 customers. They have received good feedback from their customers about the look & feel and the user experience. According to them, they have not only gained in accessibility and user experience, but also in speed and elimination of steps to access the solutions. In addition, they have found the scalability and redundancy possibilities useful without any problems for their users.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Awingu
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple.

Awingu wins Data News’ “Digital Workplace Innovator of the Year” Award for Excellence

June 2nd 2022, Ghent/Brussels – Awingu is proud to have received the Data News “Digital Workplace Innovator of the Year” Award at yesterday’s Data News “Awards for Excellence 2022” event in Brussels Expo. The awards are the results of a solid selection process by the editorial staff of Data News, its readers and a jury of ICT professionals and thought leaders.

datanews-awards-digital-workplace-innovator-2
Proud Awingu CEO Walter Van Uytven received the award on stage

Back in 2016, Awingu won the Data News “Startup of the Year” Award. Hence, we see last night’s honor as a sign of recognition of our maturity and growth within the industry in the past 6 years. Given the fact that we were running against household names such as Delaware and Dell Technologies in the “Digital Workplace Innovator” category, we are all the more inspired to continue our mission to aid companies with their workspace transformation by making secure remote work available anywhere, on any device.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Awingu
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple.

HVZ Rivierenland onboards Awingu to enable secure remote access to specific applications and files for all users on any device, anywhere

Nederlandstalige versie: zie onder

The Fire Brigade Zone Rivierenland (Zone Antwerp 2) is one of the 35 Belgian and one of the five Antwerp rescue zones. The zone officially started operating on 1 January 2015 and provides fire and medical assistance (ambulance) in the southwest of the province of Antwerp.

The Fire Brigade Zone Rivierenland comprises 19 municipalities that together represent a population of approximately 420,000. The total surface of the service area covers approximately 570 km². The Zone Rivierenland also borders on other ones like Antwerp, Rand, Kempen, East Flemish Brabant, Flemish Brabant West, East and Waasland.

Which applications are used via Awingu?

The IT department of the Fire Brigade Squad Rivierenland explains which applications are made available through Awingu in a safe way, based on the profile of the user.

ABIFIRE

For many zones ABIFIRE is the centre of daily operations. It contains modules for intervention reports, privacy-related personnel data, construction advice, prevention reports, material management and much more. If this package is not available for technical or security reasons, the operation of the zone practically stops.

For Rivierenland, it was therefore an absolute necessity to secure ABIFIRE even more. For them it was a minimum requirement that they could secure the login procedure with multi-factor authentication. As this is also built into Awingu, this was the first checkbox that could be ticked.

3P

The 3P package is a mandatory tool of the Government in procurement procedures. This application is also made available in the Awingu Virtual Workspace because the 3P licence only works with pre-agreed domain credentials.

BLUEBEAM

As a CAD programme, Bluebeam is a widely used tool within rescue districts to draw or modify plans. At HVZ Rivierenland this application runs on a separate server.

“Before Awingu was brought into use, this program was installed locally on each device. This required a lot of maintenance and follow-up, which can now be done centrally at the server level due to the limited IT team. Also, the performance for those who work remotely through Awingu is optimal with this CAD application. Thanks to Awingu, we were able to tick 2 more boxes.”

HERMES

The old, well-known accounting program is no longer current or in use at the zone. However, there is still a need to be able to access certain data here. Awingu as secure gateway brings here the perfect balance between security and user experience. Also, the impact of the irregular use of Hermes is nil, since the Awingu licenses are based on a concurrent model and not on a named basis. Another thing HVZ Rivierenland could tick off thanks to Awingu!

MERCURIUS

The Mercurius billing software is not only used by HVZ Rivierenland, but also by various local police zones. (Today, more than 60 police zones in Belgium work with Awingu). Within the HVZ, the need arose to build in some extra security. For example, there was no MFA foreseen for the internally hosted, web-based application, making the security risk too high. By putting this application behind Awingu, with MFA and a protocol switch on the Awingu appliance, a direct connection between the end user device and the server backend environment is avoided.

DIV

The DIV of the Flemish Government can now also be accessed directly, whereas previously the IT service had to push an Internet shortcut in each user profile.

REMOTE DESKTOP

To securely access your own servers from the outside, a secure connection is made via Awingu’s remote desktop functionality. In addition, every login and activity can be traced in the Awingu dashboard. Something that has proven to be very useful. This was the case when a certain anti-virus program caused another program to close down promptly. Of course, this also happened to be on a non-managed device belonging to one of the volunteers who work for the zone… Via the track & trace in Awingu, this issue could be detected and resolved fairly quickly, says the IT department as an anecdote.

The effect of Awingu at HVZ Rivierenland

We can conclude that the users are satisfied and the IT team even more so because, compared to the former Citrix use, there has been a strong simplification with Awingu.

“Volunteers who do not use a managed device from the zone, can simply use their own device to access the necessary applications as well as the file share that was integrated after the switch to Awingu. On top of that, nothing needs to be installed on the devices themselves, because Awingu is completely browser-based. This saves our IT admins time for configuration and maintenance, but also significantly reduces the cost for the type of devices.” The only thing that still needs to be installed is the remote application helper when using a Smartcard (eID).

In terms of security, huge steps have been taken with the introduction of just one tool, Awingu:

  • MFA is built in for free
  • All data processed through the browser is encrypted
  • A complete audit of everything is available
  • Even screen recording is used in some cases (especially when suppliers need access to the network).

The fact that HVZ East-Flemish Brabant and West-Flemish Brabant have also started working with Awingu, shows that HVZ Rivierenland is not alone and has made the right decision with this future proof solution.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Awingu
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple.

What are ransomware attacks, and why are they on the rise?

The number of cyberattacks increases every day. Most notably, ransomware attacks are continuously on the rise: not a day goes by or a new ransomware attack and data breach are mentioned in the press. But what is ransomware exactly, and which types are there? How do these ransomware attacks happen, and what can you do to prevent them? In this blog post, we’ll formulate an answer to all of these questions.

A ransomware payment request – that’s one message you don’t want to see.

What are ransomware attacks?

Ransomware is a type of malicious software (malware), that is used by cybercriminals to encrypt a (portion of a) device’s data, rendering it no longer accessible. To regain access, criminals will demand a big ransom payment before they will give the decryption key or deactivate the lock screen. But, of course, it’s better to mitigate your chances of getting attacked to begin with – rather than paying the ransom. To put more pressure on the victims regarding the ransom demand, the hackers can use specific ransomware software to not only encrypt files but also search for sensitive data and send this information back to the hacker. During this type of malware attack, ransomware groups often spend much time unnoticed in the operating system, while searching for the most valuable data to exploit. If organizations then do not want to pay the ransom, the malware attacker often threatens to publish the stolen data online, which has disastrous consequences.

Who are ransomware attack targets?

In general, anyone can become the target of ransomware attacks. However, looking at the most recent data breaches in 2022 alone, it’s clear that hackers will focus on organizations that work with a lot of personal files and sensitive data, big user groups, and possibly smaller IT teams (such as in education or healthcare). Furthermore, they also tend to target industrial players as disruptions in their IT processes pose prominent problems for the company’s supply chain.

Which types of ransomware attacks are there?

A wide range of ransomware variants are being used, but let’s take a look at the most common ones:

  • Crypto ransomware or ‘encryptors’: This type of malware is perhaps the most famous one. A cybercriminal will encrypt files and to keep the decryption key, for which you will have to pay ransom. Notable examples are CryptoLocker, GoldenEye, WannaCry, …
  • Locker ransomware: This ransomware variant will block your basic computer functions. You won’t have access to your device and you’ll only see one lock screen or popup with the message that your files and applications are inaccessible and that you need to pay a certain amount of money before gaining access again.
  • Scareware: A type of malware designed to scare or manipulate people into visiting website pages or downloading malware-infested software. This is done by using social engineering tactics and popup ads. The goal is to make users believe they need to buy or download software (which is actually malicious). Some examples of scareware are: PC Protector, SpySheriff, Antivirus360, …
  • Doxware: With this term, we refer specifically to ransomware that is used to get personal data. They compromise the privacy of the employees by getting access to photos and sensitive files, after which they will threaten to release the data. Often attackers will deliberately target specific victims for this type of attack.
  • Ransomware as a service (RaaS): This is a business model for cybercriminals. Anyone, even without knowing how to code, can buy tools on the black market and use them for carrying out ransomware attacks. The tools are hosted and maintained by hacker collectives. Well-know RaaS providers are REvil, DarkSide, Maze, …
Ransomware’s goal is to lock up your data, and get you to pay for the key.

How do ransomware attacks happen?

Ransomware operators try to gain access to the company’s network or system via different techniques. Very often, they will try to do this via individuals in the organization, but they can also attempt to infect systems directly. The following list highlights some of the most common ways ransomware attacks happen.

  • Phishing: Criminals send employees of your organization an email that contains a malicious link or malicious attachments. It could be that the link goes to a website hosting a hostile file or code, or that the attachment has a download functionality built in. If one of the people at the company clicks on or opens the content of the phishing emails, malicious software could be installed and the ransomware infects the systems.
  • Insufficiently protected network: If you’re acting proactively in securing your network, cybercriminals can attempt to exploit multiple vulnerabilities and attack vectors to get in and let their malicious software do its thing.
  • Open RDP: Using RDP without any security measurements is something cybercriminals like to see, as they can exploit its weaknesses. That way they get access to the company’s system. Researchers found 25 vulnerabilities (!) in some of the most popular RDP clients (FreeRDP, Microsoft’s built-in RDP client, …) used by businesses in 2020.
  • Insecure VPN connections: VPN tunnels directly from your employees’ devices to your network. Together with RDP, the UK National Cyber Security Centre identified VPN as one of the largest risk factors for a ransomware attack, because malicious software from the client device can enter your corporate network remotely.

Examples of major ransomware attacks in 2022

Every day, another major organization is the victim of a ransomware attack. Some recent victims were:

  • Government systems in Costa Rica (May 2022): Cyberattack targeting systems from tax collection to importation and exportation processes through the customs agency. Furthermore, they also got access to the social security agency’s human resources system and the Labor Ministry. The Conti cartel has been demanding a lot of money for the attack. In the meantime, they have been starting to publish stolen information as they were tired of waiting for the ransom.
  • Florida International University (April 2022): Data breach that impacted the sensitive information of students and faculty. BlackCat was behind the attack.
  • The Scottish Association for Mental Health (March 2022): The health organization was targeted by a ransomware gang that impacted the IT systems. More than 12GB of personal and sensitive data was leaked online. Behind the attack was RansomEXX ransomware gang.
  • KP Snacks (February 2022): The hackers of the Conti gang were able to steal many sensitive documents like samples of credit card statements, spreadsheets including employee personal data, and confidential agreements, … They published even more of these data online after not receiving the ransom in time.
  • Moncler (January 2022): At the beginning of the year, the luxury Italian fashion giant became the victim of a data breach following an attack by ransomware gang BlackCat. Afterward, the company explained that various data had been impacted. The data was not only related to customers, but also to current and previous employees, as well as to suppliers, and business partners.

These are only a handful of thousands of (publicly known) examples. Ransomware attacks are not limited to certain verticals or countries. Without the right security measures in place, everyone can become a ransomware victim.

The notorious hacker collective Conti Group is behind many of the past year’s ransomware attacks.

Why are ransomware attacks rising?

Shift to hybrid and remote working

Ransomware attacks are on the rise as ransomware groups are continuing to adapt their techniques in this changing digital world. With the acceleration of remote working and shift to hybrid working, malicious actors are not only focusing on organizations in general but are also targeting individuals to gain access to the operating systems, files, and applications of companies.

More and more people are working outside the office networks. A lot of companies have set up a remote working solution in a quick way as they were surprised by the worldwide pandemic. However, in multiple cases businesses chose insecure solutions to do this (e.g. via opening RDP endpoints or facilitating ‘naked’ VPNs). The result was that they created gaps in their cybersecurity defense, which makes them an easy target for malware.

Financial benefits for ransomware group

Another reason for the rise is that more criminal groups see the benefit of ransomware attacks as companies tend to (in most times) pay the ransom. It can be a quick money win for them. Stealing and threatening to leak the data has been working well for these ransomware gangs, so we see a clear shift from denial of data to data extraction. Let’s take a look at how you can prevent making them rich.

Best practices to prevent ransomware attacks and spreading

Nobody wants to pay the ransom or wants to have encrypted files and encrypted data, right? So how can organizations prevent such ransomware attacks? How can you defend yourself? We’ve listed some best practices of ransomware protection for you:

  • Inform and train your employees:
    • IT admins shouldn’t click on unknown links or open malicious mail attachments, and should always use strong passwords with MFA enabled.
    • Facilitate security awareness training for your employees. The above is more difficult to enforce on your employees, so it is fundamental that you make them aware and train them in cybersecurity hygiene.
    • Phishing emails and social engineering attacks are still very popular techniques with cybercriminals to target individuals to make them the gateway into the organization’s computer system. Make sure your employees are aware of these practices so that they can recognize and counter them when they face an attempt.
  • Data backup:
    • Backup files and applications regularly.
    • Make sure to secure your offline data backups as well, and check that they are not connected permanently to the computers and networks that they are backing up.
  • Network segmentation:
    • If you have an infected system, make sure that malware cannot spread to another computer system by segmenting production and general-purpose networks.
    • That way, if somebody is using an infected computer and infects one of the smaller networks, you can try to isolate the ransomware before it spreads further.
    • This also gives the IT team more time to remove ransomware without it spreading throughout the entire organisation.
  • Review port settings:
    • Open RDP ports are one of the most common ways ransomware attacks are initiated. Using ‘naked’ RDP port 3389 to give employees remote access is opening the door for hackers and saying: “Welcome, this way please!”
    • Another port that is often targeted is Server Message Blocked port 445.
  • Limit user access privileges:
    • To block ransomware from entering, define the permissions of users thoroughly.
    • Set limitations to which applications, desktops, and files they have access.
    • Add security layers in line with the Zero Trust model as you can not trust anyone, even if it’s an authorized employee. Make sure you have control over what each user or user group can access or do.

What to do if you’re a victim of a ransomware attack

What can you do if you are the victim of a ransomware attack? Let’s check out the most common ways to recover from a ransomware infection.

  • Do not make a ransom payment: Firstly, stay calm and don’t rush into paying the ransom. It will only encourage criminals to keep on doing this. (And how can you be sure that the ransomware attackers will give your data back after you paid?)
  • Identify the source of the ransomware: Try to find out what the point of entry of the ransomware was. Talk with your users to find out who experienced the first signs of the attack.
  • Isolate the infected machines: You don’t always know how fast the ransomware could be spreading, but disconnect all devices from the network as soon as possible. This may help reduce the impact of a company-wide ransomware infection.
  • Report the attack to the authorities: This is a crime, and you should report it to the police. They could also be able to help you as they have access to more powerful resources for this type of crime.
  • Restore your data: If you have been taking regular backups of your data, you can use those off-site or cloud backup files to restore your data. This is why you should have a backup data strategy so you can move forward quickly without losing too much time. However, be careful as some ransomware may have been for months in your systems and therefore in your backups as well. You should always run an anti-malware solution on your backups first to check.

How can Awingu help with ransomware prevention?

Awingu on devices

Awingu is a unified workspace that makes it possible for a company to enable secure remote access to file servers, applications, and desktops for its employees. Our customer use it as an extra protection layer to secure ‘naked’ RDP, as well as to provide a secure alternative to VPNs. Users can access the workspace via the browser and nothing needs to be installed on the device. So even if they are using an infected device, there is no direct connection to the company’s network, so you don’t have to fear a ransomware infection. Awingu comes with various built-in security capabilities that will help you secure the access:

  • Browser-based workspace
  • Built-in MFA
  • Anomaly detection and monitoring in the dashboard
  • SSL encryption
  • No local data on the end-user device
  • Granular usage control
  • Context-awareness


If you want to learn more about how Awingu can help you protect your organization against ransomware attacks, click here!

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Awingu
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple.

Awingu as a secure homeworking solution at the Municipality of Evere

Evere is a Belgian municipality with 43.000 inhabitants, in the Brussels-Capital Region with 1.220.000 inhabitants. In the municipal administration, there are about 300 computer users, working in different departments each with their own needs and work requirements. At the end of 2019, the IT team was looking for a simple and secure solution to enable teleworking for their employees.

Long before working with Awingu, the municipal administration of Evere had implemented the Citrix solution for all its users both within the municipal administration, as well as to allow employees to work remotely on an occasional basis. Over time, limitations encountered with certain specific business applications resulted in a mixed fleet of classic computers and Citrix workstations.

Too much complexity

In 2019, before the health crisis, the situation was as follows: two different solutions for workstations, one of which (Citrix) was slowly being upgraded or replaced by another solution.

“Managing two different technologies but especially the complexity of the Citrix configuration means more complex management, a higher level of skill for the IT team and higher support costs when faced with more advanced technical issues.”

“Managing two different technologies but especially the complexity of the Citrix configuration means more complex management, a higher level of skill for the IT team and higher support costs when faced with more advanced technical issues.”

fournier
Philippe Fournier
Responsible for IT at the Municipality of Evere

Working from home

To continue to make remote working possible and in anticipation of the implementation of structural teleworking, the IT team had already initiated before the start of the pandemic to look for another solution to replace their current configuration.

When the need for teleworking exploded in 2020 due to COVID, the team was pleased to have identified and begun implementing an ideal solution like Awingu.

Advantages of Awingu

Working with Awingu brings only advantages, both for the IT department and for the end users of the municipal administration of Evere, explains Philippe :

“The licensing model is very transparent and easy, especially when compared to other solutions like Citrix or VMware, where you need a consultant just to explain the model to you. Awingu offers competing licenses, so the only choice you have to make is whether to buy or rent the licenses.”

fournier
Philippe Fournier
Responsible for IT at the Municipality of Evere

In addition, he is very pleased that he can purchase Awingu through the CIBG’s central purchasing office. In their catalog, you can find Awingu licenses. All Brussels administrations that have joined the central purchasing office can buy Awingu licenses in compliance with public procurement legislation but without the administrative burden. When Philippe heard about this possibility from a colleague in Sint-Agatha-Berchem, a long-time Awingu customer (as well as 80 other local authorities in Belgium), he immediately saw the great advantage.

In addition, the IT team explained to him that it was relatively easy to install, set up and configure Awingu. For end users, Philippe adds, it couldn’t be simpler:

“Just go to the web, enter a predefined custom url, provide your username and password and you’re in. Then you can easily work with any application (legacy, web, SaaS) or file needed, all in a secure environment. If necessary, you can even mandate that some or all of the integrated MFA solutions be used at no additional cost.”

fournier
Philippe Fournier
Responsible for IT at the Municipality of Evere

For now, they are only using Awingu to facilitate teleworking in a seamless and consistent manner. Other goals are to enable secure remote access for external contractors via Awingu as well.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Awingu
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple.

What is cyber insurance and what does the MFA insurance mandate mean?

In this blog we’ll give an overview about what a cyber insurance is and what you need to get it. Furthermore, we’ll talk about why multi factor authentication (MFA) has become a mandatory requirement to get one of those cyber insurance coverages.

What is cyber insurance?

What does cyber insurance mean?

A cybersecurity insurance or cyber liability insurance is a coverage against financial losses caused by cyber incidents (for example data breaches) and offers technical and recovery support.

To define the cost of your insurance, cyber liability insurers will look at multiple risk-factors, like for example, what industry you’re in, which way the organization covers data and of course, which security measures the organization already has in place.

There are various requirements that insurance companies define for organizations to be eligible for the insurance coverage. One of the most fundamental ones that most insurers ask for nowadays is Multi factor authentication (MFA).

train-employees-cybersecurity
Questions about training for employees will for sure be on the questionnaires you’ll need to fill in for an insurance quote.

All depends of course on the type of insurance you take.

It is important to understand that a cyber insurance coverage will not help you to identify cyber risks themselves, nor will they eliminate these. However, when your organization would be hurt by a cyber attack or data breach, having a cyber liability insurance will help you to, for example, recover compromised data, restore personal identities, or repair your damaged computer systems.

Some examples of events that could be covered by your insurance:

  • Data loss or breach (after hacking, employee theft, loss of memory stick, …)
  • Computer fraud
  • Business interruption due to a breach

Keep in mind that an insurance like this will protect you financially regarding your digital assets, but it won’t be able to cover every possible risk.

What does cyber insurance not cover?

Cyber liability insurance doesn’t cover claims of property damage or bodily injury. For this, you will need a general liability insurance, as a cyber one does not protect you against these claims.

Furthermore, your insurance (probably) also won’t cover:

  • Potential lost profits in the future.
  • Cost of restoring and improving your computer systems to a higher level of functionality than they were following a cyber event.
  • Loss of value caused by the theft of intellectual property from your company.
  • A lawsuit for any potential vulnerability in the systems of your organizations before a breach.

How much does cybersecurity insurance cost?

It’s not possible to give an exact answer on this question as it really depends of the protocols and systems you already have in place for cybersecurity. Cyber insurers will look at your current state to provide you with an exact cost of the cyber insurance policy. However, we see that the prices have been increasing on the cyber insurance market. So be sure to investigate what you can do to lower your premium.

How can you get a cybersecurity insurance?

What do you need to get such a cyber liability insurance? What is expected by cyber insurance providers to have in place already when looking for an insurance? To purchase one, you’ll have to provide information about your security controls to insurance underwriters.

What do you need to get a cyber insurance?

Insurance providers (like for example Hiscox, Chubb, AIG, The Hartford, …) will carry out a cyber insurance risk assessment to define your premium and coverage limits. You will have to fill out a questionnaire about your cybersecurity protocols, IT risk management, protocols, … The better you score on this one, the less expensive your coverage will be.

One of the minimum common requirements to get one nowadays is having Multi Factor Authentication (MFA) enabled for administrators and privileged users. This cyber insurance MFA mandate exists, because the additional layer is seen as a fundamental access security measure to protect not only on-site but also remote access. If you only use a password, cyber insurers will believe compromised accounts are inevitable for your organization’s future.

Of course, securing a password with MFA (for privileged and not privileged access) is no silver bullet that can protect against every attack, but it’s certainly a vital layer organizations will need. This MFA insurance requirement is thus something you’ll have to keep in mind when considering an insurance.

Furthermore, there are some more steps that (often) are standard requirements to get a cyber insurance:

  • All PCs must have antivirus software (up to date)
  • Company network must be protected by a firewall
  • Companies should back up business data, by using external media or a secure cloud service (this should be done regularly)
  • Users that want to have or gain access must follow a secure process
cyber-insurance-requirements
To get a cyber insurance coverage, you’ll need to fulfill some requirements.

What can you do extra to lower your cyber insurance?

There are multiple steps you can take to lower your premium. We’ve listed 5 of the most common industry practices that you should definitely take a look at:

  • Organize regular cyber training for employees
  • Make sure stored data is limited and restrict network access
  • Have 24/7 monitoring of suspicious activity
  • Provide solid recover procedures

What is Multi factor authentication (mfa) and why do you need it?

What does Multi factor authentication mean?

Authentication means the process of verifying the identity of a user. With Multifactor authentication this process exists of at least 2 different authentication factors. We speak specifically of two factor authentication when there are only 2 factors, and even that is already better than just one factor.

Knowledge factor

One factor to authenticate can be something you know like a password or a pin. Sometimes the knowledge factor can also be a security question that you’ll need the answer to gain access.

Possession factor

You can authenticate with something you have, like for example your phone. By using authenticator applications on your device, you can then receive a one-time code, that only works during a restricted time. Or you can receive a SMS code with a security key that you then fill in.

Inherence factor

This refers to something you ‘are’, more specifically biometric data. Sometimes fingerprints or face IDs are used to recognize the user’s identity.

Why do you need to implement MFA?

Multi factor authentication is seen as the extra layer to authentication that organizations need to avoid that compromised passwords can lead to a compromised network. If you adopt MFA as an extra security measure, you can protect your sensitive data, even if there are compromised credentials.

Often criminals of cyber threats try to gain broader access via individual users, and they have various strategies (phising, password spraying, credential stuffing, …) to get these passwords. If you use credentials with this extra security step like MFA, you’re making it more difficult for them.

To minimize the impact of cyber attacks on your IT infrastructure, insurers will inform you on this mfa insurance requirement for security when you’re reaching out to them.

How can you mitigate your organization’s remote access cybersecurity risks?

Awingu aggregates different applications, desktops and file servers and makes them available (with the possibility of single sign on) for your remote workforce in the browser via its ‘RDP-to-HTML5’ gateway. As Awingu runs completely in the browser, it’s possible to work on a Chromebook, iPad, mobile device, laptop, … any device really!

A variety of security features come bundled with our all-in-one solution:

  • Browser-based solution: All runs and stays in the browser. No direct connection with the end-user device, so no need to install extra antivirus software on the PC.
  • Secure authentication process: MFA is built-in, or you can integrate another commercial platform that you already have in place.
  • Context-awareness: It’s possible to define geo locations and/or IP addresses as safe zones per user (group) or feature.
  • No local data: There is no data stored locally on the device, ever.
  • Auditing: Access to various auditing capabilities like session recording, usage control, anomaly detection, …

Sources

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Awingu
Awingu produces a browser-based Unified Workspace solution. It allows users to work and collaborate from virtually anywhere using any device compatible with HTML5 browsers. As a turnkey solution, Awingu offers businesses the ease and convenience of platform-independent mobility and offers everything you need to stay productive: legacy and cloud applications, documents and data. Awingu requires zero configuration and zero client software installation, making IT administration extremely simple.