Secure 3rd Party Devices
Manage and secure 3rd party-owned devices in compliance with PCI DSS, HIPAA and GDPR requirements.
Protect your IT infrastructure against attack vectors and vulnerabilities associated with 3rd party devices accessing your corporate network.
Our software solution leverages the Windows OS. No USB drives or dual-booting required.
De-risking 3rd party devices
IT leaders are commonly asked to provide 3rd parties (like agencies or contractors) with access to the corporate network.
However, 3rd party devices can expose organizations to security risks, as IT teams usually have less control over these devices compared to corporate-owned devices.
ThinScale gives you the control needed to ensure that 3rd party devices have parity with the organization’s cybersecurity posture.
How does ThinScale secure 3rd party devices?
User launches secure, isolated, and IT-managed session on any Windows device.
User is logged into a corporate profile within a secure workspace with no admin privileges, where they access VDI / DaaS (or locally saved apps).
Apps, services, and URLs can be whitelisted or blacklisted within this secure workspace, to prevent malware or unapproved services from running.
All data created during the secure session is saved to a hidden, BitLocker encrypted temporary drive that cannot be read by unapproved processes.
Data Loss Prevention (DLP): infiltration and exfiltration of data is prohibited. Data can be set to self-delete post-session.
External USB storage devices can be blocked without stopping the use of other USB devices such as headphones or keyboards.
When the user is finished working, they close the secure session and are logged back into their personal profile on the device exactly as it was.
Frequently asked questions
Learn more about how ThinScale secures 3rd party devices
When the secure session is launched, will it stop background services and apps from running on the device?
This behaviour can be configured by the IT team, giving you full control over what services and apps are allowed to run during the secure session. When the secure session ends, any background services or apps that had been running prior to the session will be resumed.
If malware is already running on the device, then it will be stopped as soon as the secure session is launched. This includes screen-scrapers and keyloggers which sit on the endpoint. Only IT-approved services and apps can run during a secure session.
If ThinScale’s VDA is enabled, they will not be able to do this. ThinScale’s VDA (Virtual Desktop Agent) checks each time there is an attempt to access the VDI / DaaS to ensure that the secure session is running on the device. If it is not, the connection is blocked.
What about an employee’s personal privacy, is any personal data visible to or accessible by the IT team?
No. ThinScale’s Dual Persona technology enforces complete segregation between personal and work-related data, with zero chance of contamination in either direction.
ThinScale’s solutions can be remotely wiped from the device by your IT team, removing the ability to launch a secure session and revoking access to the corporate network. This is crucial when managing a remote / WFH workforce.
No. The client hosts the management platform within their own data centre.
Continue your research
All ThinScale solutions are regularly pen-tested and help maintain compliance with PCI DSS, HIPAA, and GDPR. Read our compliance reports from Coalfire.
Want to learn more about the product? Read our technical datasheet to understand the key features and benefits in more detail.
More use cases
What else can ThinScale do for you? Check out our full list of use cases.