Kasm Workspaces is an internet-facing remote-workspace platform with browser-isolated sessions. Use the vendor hardening baseline, then enforce network and DLP controls.
- Review and apply Kasm hardened settings for authentication, session controls, and global security defaults.
- Keep Kasm Authorization enabled.
- Use explicit authorization domain values instead of dynamic defaults.
- Revalidate settings after upgrades.
¶ 2) Harden reverse proxy and perimeter controls
- Place Kasm behind hardened reverse proxy/WAF.
- Enforce HTTPS/HSTS and strict TLS policy.
- Restrict admin interfaces to trusted networks.
- Apply rate limiting at enterprise firewall/reverse proxy layers.
¶ 3) Secure workspace data and session behavior
- Configure DLP controls for clipboard, uploads/downloads, and printing according to policy.
- Isolate workspace containers and avoid privileged runtime settings.
- Rotate integration credentials and LDAP/SAML secrets.
- Audit session events and admin actions.
- Kasm security overview: https://kasm.com/docs/latest/security.html
- Kasm hardening checklist: https://kasm.com/docs/latest/security/workspaces.html
- Kasm reverse proxy security guidance: https://docs.kasm.com/docs/security/reverse_proxy/index.html
Any questions?
Feel free to contact us. Find all contact information on our contact page.