Case Study: Large Fiber Manufacturer achieves secure JIT/JEA remote vendor access and site-level control with SSH.COM PrivX

Secure JIT and JEA-Based Access for International Manufacturer in the Forest Industry

Large Fiber Manufacturer, a global producer of fiber, wood and molecular bioproducts with 54 sites in 12 countries, needed a secure “gatekeeper” to give trusted automation vendors controlled remote access. They required just-in-time (JIT) and just-enough-access (JEA) controls across RDP, VNC, SSH and HTTP/HTTPS, native PLC access (e.g., Siemens SIMATIC) via VPN, AV file checking, an efficient approval workflow that prevents vendors from seeing other vendor options, and per-site management of access and approvals. SSH.COM was engaged to design and deliver the solution using its PrivX platform.

SSH.COM implemented a tailored PrivX deployment that added Network Target (PLC) access over the customer’s VPN, plain VNC and ICAP support, a session-request and approval workflow, and per-site RBAC and workflow management. The solution enables secure JIT/JEA access for internal and external users, proxies VPN traffic to PLC machines, removes standing privileges through session-based approvals, and lets each of the 54 sites manage users, roles and targets independently—delivering faster, more transparent approvals and centralized control via SSH.COM PrivX.