Is Your Remote Access Policy a Security Risk?
For years companies have provided remote access for employees to work from home. Mobile phones, laptops, WiFi and cloud computing make it easy for employees to work anywhere. Here in the North East, it’s not unusual to have companies recommend that employees stay home and work during a bad snowstorm.
But this does not even compare to the challenges many companies face with the coronavirus. Andrew Hewitt, analyst at Forrester said in a ZDNet article, “CIOs should be helping their businesses prepare for increased remote working during the coronavirus outbreak.” Having a remote access strategy is an important part of business continuity.
With more companies announcing temporary work from home policies, now is the perfect time to test your company’s remote access strategies and make sure they are secure.
Understanding the Risk
Remote workers inherently increase your security risks by creating new entry points for malicious actors to execute malware, ransomware, phishing and brute force attacks. When remote workers use home and public networks, they are often not secure. This makes it easier for hackers to gain access through targeted phishing or malware attacks. IT departments have a harder time controlling and securing information when it’s accessed remotely.
To address remote access, companies can implement strong/rotating password policies, multi-factor authentication (MFA), VPNs and other identity management or IAM solutions. These can be great options for most employees. But what about privileged users such as system or IT admins? Or anyone else who requires privileged access to systems and sensitive information?
If a hacker is able to access a privileged account, they can access your most sensitive company data, move laterally through your business network, evade detection and cause serious damage to a business reputation and put you in violation of compliance regulations.
With 80% of breaches involving privileged accounts, it is critical that companies have secure remote access strategies in place for both regular and privileged users.
Securing Remote Access for Privileged users
Privileged access management software is designed to help companies manage and control who has access to and how they access privileged credentials. This includes remote access for employees (or partners) to cloud or network systems. For example, XTAM’s Remote Employee Gateway creates a security perimeter across hybrid IT environments and blocks malicious outsiders by forcing remote users to go through XTAM to access corporate systems. This provides added security that companies need when addressing remote access and privileged credentials.
PAM solutions offer additional benefits of session monitoring, video recording, and notifications required for auditing and compliance. Companies have greater control to set access policies. You can set parameters on the time of day, location (IP address), or days of the week. PAM software also offers easy integration with the leading MFA offerings such as RADIUS, DuoSecurity, Google Authenticator, and Yubikey
With PAM software you can implement the principle of least privilege and restrict access rights for privileged users, accounts, and computers/applications to only those resources/permissions required to perform their job effectively. When most of your workforce is accessing systems remotely, least privilege ensures people only have access to the systems they need and no more. PAM software also identifies inappropriate permissions, records each session for compliance and sends alerts should the software notices suspicious activity and even terminates a suspicious session.
As more companies consider their work from home options, one thing is clear. Remote workers and partners will need access to your network and accounts, including Windows, Unix, AWS or Azure Instances, Mainframes, Cisco and Juniper Network Devices, Websites or Web Management Portals, in order to maintain your business. Leveraging a PAM solution can provide secure remote access to your most sensitive systems, data, and information. Companies will have the confidence that their infrastructure remains secure while users are working from home or anywhere else in the world.