Cyolo announced several major new capabilities, headlined by Cyolo Third-Party VPN Control. This capability within the company’s Cyolo PRO (Privileged Remote Operations) solution delivers visibility and access control for enforced third-party VPN and direct connections without requiring changes to production infrastructure or vendor workflows.
In today’s industrial environments, even organizations with mature security programs face a critical blind spot: third-party connections they cannot govern or even see. Some vendors insist on using their own legacy VPNs, site-to-site tunnels, or proprietary ‘black box’ gateways on OT networks, forcing plant managers and industrial operators to accommodate external methods that operate outside of their control.
These opaque and unmanaged pathways pose significant risks, leaving organizations unaware of who is connecting, when, where, and what activities are occurring inside their most sensitive networks.
The new Third-Party VPN Control capability helps close this gap by enabling visibility and access policy enforcement, even when externally managed VPNs or hardware gateways are used.
This Cyolo PRO release includes additional enhancements, each tailored to address critical access and collaboration needs in cyber-physical environments:
- Instant collaboration link: A browser-based, one-time secure link, enabling session owners to invite multiple external participants, i.e., vendors, auditors and engineers into RDP, SSH, or VNC sessions including security controls without agent installations.
- Secure remote assistance: Native, secure technical support for both user-initiated and helpdesk-initiated assistance sessions, allowing organizations to deliver timely support while maintaining complete security and operational governance.
- Asset access hub: Provides a comprehensive view of assets across various business contexts (e.g., function, vendor) and technical attributes (e.g., IP address, zone, access status). This empowers administrators to manage access based on relevant context and quickly assign accurate, role-based permissions.
As always, Cyolo PRO integrates seamlessly with legacy remote connectivity setups and supports Zero Trust principles by segmenting access.
“In today’s virtual environments, third-party vendors are essential for the unbroken continuity of industrial operations and critical infrastructure—both vital for the economy and national security. However, third-party access methods too often introduce unacceptable risks,” said Almog Apirion, CEO of Cyolo. “We are always thinking about the real-world challenges our customers face and endlessly innovating to solve those problems. This latest advance represents the next step in the transformation of OT and CPS access, making it more agile, secure, and seamless for administrators and end users, without forcing vendors to change the tools they rely upon.”
With these advanced new capabilities, organizations gain:
- Zero trust for VPNs: Segments and restricts third-party access for approved assets, reducing lateral movement risk.
- Access visibility: Real-time visibility into incoming access sessions.
- Compliance-ready architecture: Aligns with NERC CIP, ISA/IEC 62443, ISA99, and NIST 800-82 standards.
- Broad compatibility: Integrates with all legacy remote connectivity suppliers.
