Rublon

Secure Remote Access

Last updated on July 22, 2025

IT services provider Astec secured access to critical apps using Rublon

Two-factor authentication enables development teams to securely access VPN, SSH, internal tools and cloud apps while reducing the company’s GDPR risk.

“As a supplier that serves global enterprises, Astec has to adhere to strict information security requirements, especially after GDPR came into effect. Rublon provided us with an affordable solution that meets our compliance obligations, while enhancing our organization’s security posture and making security easy for our development teams.”

avatar

Krzysztof Polikowski

Head of IT, Astec

Objectives

Astec wanted to make security easy for developers

Wanted to protect VPN, SSH, internal tools and cloud apps

Needed a cloud-based, modern two-factor solution that worked with mobile devices and YubiKeys

Astec is required to meet and keep up to date on information security compliance requirements (e.g. ISO/IEC 27001)

Results

Secure access to VPN, Linux servers via SSH, internal tools and cloud applications

Reduction of GDPR risk by enabling 2FA for applications that process personal data

ISO/IEC 27001 standards met by enabling a secure log-on procedure for access to information, test data and development environments

Customer

Name:
Astec

Industry:
Technology

Number of employees:
50

Location:
Zielona Gora, Poland

Website:
www.astec.net

Description:
Astec is a nearshore IT services provider that drives companies forward by developing custom digital solutions that empower customers and employees. Working from their offices in Poland, they make software used mainly by the European automotive industry and enterprises operating critical infrastructure, e.g. energy and telecommunications.

The Challenge

Strong Security while Reducing Friction

Being an enterprise-focused IT services provider, Astec is serving companies that work on critical projects and process large amounts of personal data. The size and value of their operations, as well as GDPR, are the reason for the strict information security requirements that are imposed on Astec. Focusing on user experience for their development teams that work in the company’s offices and remotely, Astec was looking for an affordable solution that would secure access to the applications that they use to serve their clients.

Reduce GDPR Risk

The introduction of the General Data Protection Regulation (GDPR) in the European Union was a wake-up call for many organizations that process personal data. The Polish regulator imposed a fine of over $700k USD to a Polish ecommerce company that suffered a data breach, citing the lack of two-factor authentication inside the organization as one of the reasons. Astec wanted to protect themselves from such risk.

Each project that Astec does is different and sometimes access to their clients’ customer databases is required for maintenance & support purposes. Being obliged to comply with GDPR standards by their clients, Astec wanted to reduce their risk by ensuring that only authorized employees have access to that data.

Achieve ISO/IEC 27001 Compliance

Astec was facing increased pressure from its clients to adhere to rising information security compliance requirements and had to undergo ISO/IEC 27001 certification. They also understood additional benefits coming from implementing this standard, including helping them comply with EU GDPR data privacy laws.

ISO/IEC 27001 mandates that access to systems and applications shall be controlled by a secure log-on procedure. Also, information passing over public networks must be protected from unauthorized disclosure and modification. To comply, Astec must also appropriately protect test data and development environments for system development and integration efforts.

The Solution

Astec deployed Rublon for its employees, contractors and partners.

As they were looking at a variety of two-factor authentication solutions to protect their applications, they were interested in the possibility of protecting SSH access to production systems. Rublon allows Astec to protect their SSH connections and a wide variety of other assets as well.

Cloud-based 2FA with Low Cost and No Hardware

Astec didn’t have to buy hardware that needed to be installed on their infrastructure. Since Rublon is a cloud-based service, Astec was able to test it without much of a commitment.

Astec wanted to get running quickly, which was possible thanks to Rublon’s easy integration possibilities. Rublon’s flexible pricing model made Rublon a cost-effective solution for Astec with a very low cost of entry.

Astec integrated Rublon’s two-factor authentication with their Cisco ASA VPN, Linux production servers with SSH access, custom-developed internal tools and cloud apps like Float and Pipedrive.

Mobile Push Authentication with Rublon Authenticator

Using smartphones for authentication is how Rublon makes the user experience painless. While other two-factor authentication solutions may require you to buy expensive hardware security tokens, Rublon allows users to use their own mobile devices for authentication.

The Rublon Authenticator mobile app enables users to authenticate by approving Mobile Push login requests, an authentication method recommended by Gartner. Rublon Authenticator is available for both iOS and Android devices and can be downloaded from the App Store and Google Play for free.

Support for FIDO2 Hardware Security Keys

For some of their users, Astec wanted to secure access to critical applications using FIDO2 hardware security keys from YubiKey. Rublon gave them this possibility by supporting FIDO2 as one of the authentication methods that users can choose from if enabled or required by their organization.

User Enrollment via Company Email Address

Astec defined their company’s domain name in their Rublon Admin Console, which enabled users to be automatically enrolled during the first login with Rublon, as their corporate email address is passed to Rublon during each protected login. With this automatic enrollment mode, users who install the Rublon Authenticator mobile app on their mobile device are instantly added to their company’s Rublon users list when they add their corporate email address to the app.