Remote Access Security Fundamentals
As everyone continues to deal with changes and restrictions due to COVID-19, many businesses have transitioned to a work-from-home model as a way to continue operations. Some busineses are using VPNs to allow direct connections for remote workers, others are using tools such as Splashtop, Microsoft remote Desktop, or Cisco Webex. It’s important to consider the security of these remote connections and the security of the devices on both ends. Every remote device allowed to connectis like adding another door to your office that must be locked and monitored.
Any time your systems are accessed remotely, multi-factor authentication such as Cisco Duo should be used to reduce the risk of malicious actors attempting to guess passwords and gain access. This is a simple addition that drastically increases security.
You also must consider the security of the systems that users are connecting remotely from. An insecure or out of date home computer that connects to your business network has the potential to compromise any or all systems on your network. Just because your VPN or remote access software is secure doesn’t mean you’re safe! Those remote devices should be running the same security software as office devices are, and should be patched and updated as well. Security software such as SentinelOne, Cisco Umbrella, and Webroot SecureAnywhere can help increase the security of any devices on your network.
Cybersecurity guidelines for WFH
The Cybersecurity and Infrastructure Security Agency (CISA) released an alert to encourage organizations to adopt a heightened state of cybersecurity. The CISA encourages organizations to review the following recommendations when considering alternate workplace options:
• Update VPNs, network infrastructure devices, and devices being used to remote into work environments with the latest software patches and security configurations. See CISA Tips Understanding Patches and Securing Network Infrastructure Devices.
• Alert employees to an expected increase in phishing attempts. See CISA Tip Avoiding Social Engineering and Phishing Attacks.
• Ensure IT security personnel are prepared to ramp up the following remote access cybersecurity tasks: log review, attack detection, and incident response and recovery. Per the National Institute of Standards and Technology (NIST) Special Publication 800-46 v.2, Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security, these tasks should be documented in the configuration management policy.
• Implement MFA on all VPN connections to increase security. If MFA is not implemented, require teleworkers to use strong passwords. (See CISA Tips Choosing and Protecting Passwords and Supplementing Passwords for more information.)
• Ensure IT security personnel test VPN limitations to prepare for mass usage and, if possible, implement modifications— such as rate limiting—to prioritize users that will require higher bandwidths.
If you have questions about your existing remote access setup or IT infrastructure and security, or if you need assistance setting up remote access, please contact our account management team at 775-322-6455 or email sales@sierracomputergroup.com.