Secure Remote Access is a combination of security processes or solutions that are designed to prevent unauthorized access to an organization’s digital assets and prevent the loss of sensitive data. Secure remote access can encompass a number of methodologies such as VPN, multifactor authentication, and endpoint protection, amongst others.
The rapidly changing threat landscape and the increased number of remote workers due to the Covid pandemic have made secure remote access a critical element of today’s IT environment. Success requires education of users, strengthened cybersecurity policies, and the development of best practices in security hygiene.
- Protect endpoints for all remote users and their devices - Securing endpoints in a datacenter is fairly simple compared to securing endpoints for remote users who often use multiple devices during the course of a business day. Antivirus software should be installed on all endpoint devices, whether PC, Mac, Linux, iOS, or Android. Security policies should require all employees to maintain current protection if they are to access corporate resources.If necessary, provide guidance and assistance for employees to assist them in establishing secure access to the organization.
- Prevent remote access from increasing attack surface - Setting up remote access can present risks to the organization. In particular, ransomware attacks often scan for remote desktop protocol (RDP) servers and will gain access from any available port. Similarly, refrain from opening remote access ports unless firewalls are configured to only respond to known IP addresses from system administrators.
- Adopt multifactor authentication - Two factor authentication (2FA) requires users to provide ‘something they know and something they have’, for example a password and an authentication token, which can be generated by a device or from a smartphone application such as DUO. This can ensure that only verified users are admitted access to corporate resources.
- Use virtual private networks (VPN) - Many remote users will want to connect from insecure Wi-Fi or other untrusted network connections. VPNs can eliminate that risk, however VPN endpoint software must also be kept up-to-date to avoid vulnerabilities that can occur from older versions of the software client.
- Normalize logs and tracking of security information - Existing security information and event management (SIEM) tools that log traffic from client devices may suddenly view users logging in from their home IP addresses as an anomaly, so adjustments may be needed to both SIEM and geofencing or geo-blocking features in firewalls to ensure that employees can log in from wherever they are working from.
- Educate users and contractors - The Covid pandemic has seen the creation of a number of new cyberthreats and phishing attacks that purport to be related to the virus. As part of their security and compliance training all employees and others accessing corporate resources should be reminded not to click on any unsolicited email or the links therein.
- Update policies for remote workforce - Ensure that acceptable use policies include an employee’s home computing assets, which could be computer, laptop, tablet, and smartphone, including the updating of antivirus and VPN software that might be installed on employee-owned devices.
Secure remote access is not a single technology, but rather a collection of technologies that together provide the security that organizations need when users are working from home or other remote locations. They include:
Endpoint Security – This includes software such as antivirus for endpoint machines as well as policies that define how remote devices are to be used in the organization’s systems. This can include patch management and the prevention of downloading or caching business-critical information to remote devices.
Virtual Private Network (VPN) – VPNs are extremely popular for remote access, since they allow remote users connected via insecure remote Wi-Fi (Starbucks, bookshops) to connect to a private network through an encrypted tunnel.
Zero Trust Network Access (ZTNA) – As the name implies, ZTNA solutions make no assumptions about the security of a connection and require re-authentication before every transaction. This offers higher levels of security for the organization’s data and applications.
Network access control (NAC) – Network access is managed via a combination of tools such as two factor authentication (2FA), endpoint security tools, and policy education and enforcement.
Single sign-on (SSO) – With SSO, users only need a single set of credentials to access all their applications and resources.
Although there had been an increasing number of remote workers before 2020, the Covid pandemic rapidly accelerated the need for users to access corporate networks from multiple remote locations. For many organizations, the vast majority of inbound connections now originate at their employee’s home networks, which amplifies the risks on both the organization’s and the employee’s networks. As a result, older, legacy security measures do not meet the requirements of a largely remote, largely mobile user base. The new security baseline demands support for every user, from every device they use, from any network they connect from.
There are several benefits to a secure remote access strategy. Among them are:
Secure anywhere, any device access – Users can enjoy the same level of highly secure access they formerly enjoyed while in the workplace. Access controls can provide access to specific applications and data for each user based on their roles and responsibilities. Since many employees will be working from home even after the Covid crisis passes, this is the most critical benefit of a secure remote access strategy.
Robust endpoint protection – Secure remote access has no value if the endpoints are not likewise protected. Since users increasingly rely on multiple devices to perform their work, protection for laptops, tablets, and smartphones is essential. Additionally, employee-owned devices should be offered the same endpoint security capabilities as those provided by the organization.
Safe and secure web access – Organizations rely on many web-based and internet-focused applications as part of their IT environment. As a result, users require protection whenever they are connected to the internet, not just when they are connected to the organization’s on-premises resources. Secure remote access includes keeping users safe from web-based malware threats such as ransomware and phishing attacks.
Raises awareness of security issues – An increasingly mobile workforce presents many new security challenges, and for many of them education is the best cure. By maintaining and enforcing security policies and best practices IT and security organizations can constantly reinforce the importance of good cybersecurity hygiene.