Remote-access Guide

NIST security concerns with remote access

by Dr. Wava Kuphal Published 2 years ago Updated 1 year ago

Major security concerns for telework and remote access technologies include: A lack of physical security controls is an issue because telework client devices are used in a variety of locations outside of the organization’s control, such as employees’ homes, coffee shops, and other businesses.

Full Answer

What is NIST Special Publication 800-46 Revision 2?

This bulletin summarizes highlights from NIST Special Publication 800-46 Revision 2, Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security, which helps organizations protect their IT systems and information from the security risks that accompany the use of telework and remote access technologies.

What are the NIST guidelines for remote work security?

Below are key guidelines recommended by the National Institute of Standards and Technology (NIST) in supporting standard users, privileged administrators, BYOD and third parties. Plan remote work-related security policies and controls based on the assumption that external environments contain hostile threats.

How to mitigate remote work security threats?

Mitigating client device loss or theft includes encrypting the device (e.g. hard disk encryption), and not storing sensitive data on client devices altogether. For mitigating device reuse threats, use strong and multi-factor authentication. Develop a remote work security policy that defines telework, remote access, and BYOD requirements.


What are the security risks associated with remote access?

Many remote access security risks abound, but below is a list of the ones that jump out.
- Lack of information. ...
- Password sharing. ...
- Software. ...
- Personal devices. ...
- Patching. ...
- Vulnerable backups. ...
- Device hygiene. ...
- Phishing attacks.

What are the security requirements for remote access?

7 Best Practices For Securing Remote Access for Employees
1) Develop a Cybersecurity Policy For Remote Workers. ...
2) Choose a Remote Access Software. ...
3) Use Encryption. ...
4) Implement a Password Management Software. ...
5) Apply Two-factor Authentication. ...
6) Employ the Principle of Least Privilege. ...
7) Create Employee Cybersecurity Training.

Is remote access security Secure?

Yes. A robust cloud-based, highly secure remote access solution can provide unified protection for virtually all users against web-based threats — independent of a VPN connection.

What are the top remote access threats that organizations face today?

Top 5 Remote Work Cybersecurity Threats
1) Virtual Private Network. As gaining access to official servers is a daily requirement, virtual private network (VPN) software was doled out in huge numbers to remote working applications. ...
2) Phishing. ...
3) Fake Azure Applications. ...
4) MFA Circumventing. ...
5) Insider Threats.

What are examples of remote user security policy best practices?

Best Practices For Remote Access Security
- Enable encryption. ...
- Install antivirus and anti-malware. ...
- Ensure all operating systems and applications are up to date. ...
- Enforce a strong password policy. ...
- Use Mobile Device Management (MDM) ...
- Use Virtual Private Network (VPN) ...
- Use two-factor authentication.

How do you keep security when employees work remotely?

Remote Work Security Best Practices
- Establish and enforce a data security policy. ...
- Equip your employees with the right tools and technology. ...
- Frequently update your network security systems. ...
- Regulate the use of personal devices. ...
- Institute a “Zero Trust” approach. ...
- Make sure all internet connections are secure.

Why RDP is not secure?

The risks of such exposure are far too high. RDP is meant to be used only across a local area network (LAN). Since RDP hosts support a listening port awaiting inbound connections, even the most secure installations can be profiled as a Windows Operating System and its version.

What are the 3 most common cybersecurity problems in enterprises?

The biggest cyber security threats that small businesses face, and how you can protect yourself against them. Phishing Attacks. Malware Attacks. Ransomware. Weak Passwords. Insider Threats.

What security issue could happen while working remotely?

Another threat that remote workers face is the possibility of attackers sending phishing emails. These are scams designed to fool people into handing over their details or downloading a malicious attachment containing a keylogger.

What are the 3 threats to information security?

- Viruses and worms. Viruses and worms are malicious software programs (malware) aimed at destroying an organization's systems, data and network. ...
- Botnets. ...
- Drive-by download attacks. ...
- Phishing attacks. ...
- Distributed denial-of-service (DDoS) attacks. ...
- Ransomware. ...
- Exploit kits. ...
- Advanced persistent threat attacks.

Is Google remote access secure?

Is Chrome Remote Desktop secure? While remote desktop software comes with inherent risks, Chrome Remote Desktop is safe and secure. Its remote sessions use AES computer encryption through a secure SSL connection, protecting your data while you remotely access your computer.

Is RDP more secure than VPN?

Security. Although both VPN and RDP connections are encrypted over the internet, a VPN connection is less accessible to threats than a remote desktop connection. For this reason, VPN is often considered more secure than RDP.

Is RDS gateway secure?

Remote Desktop Gateway (RDG or RD Gateway) is a Windows Server role that provides a secure encrypted connection to the server via RDP.

What is remote work security?

Remote work security policies should define the forms of remote access permitted, the types of devices that can be used and the type of access allowed for each type of remote worker. The policies should also cover how remote access servers are administered and how their policies are updated. Organizations should make risk-based decisions about ...

What is cloud native service?

Using the cloud-native service, administrators can effortlessly provision and deprovision access to virtual machines, applications and services with granular role-based access profiles.

What is check point corporate access?

By supporting a variety of protocols, Check Point Corporate Access enables secure access to databases (SQL), administration terminals (SSH) and remote desktops (RDP). Integrating with any Identity Provider, its lightweight Privileged Access Management (PAM) module offers built-in SSH server key management to ensure the security of an organization’s crown jewels.

Does remote desktop access involve remote access?

Remote desktop access does not involve remote access servers, so there is no issue with the placement of the remote access server. Direct application access servers run the application server software on the servers themselves. Placing them at the network perimeter has a similar effect as the remote access user is only running applications on ...

Why is remote access important?

The security of remote access servers, such as VPN gateways and portal servers, is particularly important because they provide a way for external hosts to gain access to internal resources, as well as a secured, isolated telework environment for organization-issued, third-party-controlled, and BYOD client devices. In addition to permitting unauthorized access to enterprise resources and telework client devices, a compromised server could be used to eavesdrop on communications and manipulate them, as well as serve as a “jumping off” point for attacking other hosts within the organization. Recommendations for general server security are available from NIST SP 800-123, Guide to General Server Security. Remote access servers should be kept fully patched, operated using an organization-defined security configuration baseline, and managed only from trusted hosts by authorized administrators.

Which framework is most pertinent for securing enterprise telework, remote access, and BYOD technologies?

This appendix lists the Cybersecurity Framework subcategories that are most pertinent for securing enterprise telework, remote access, and BYOD technologies. Next to each subcategory is an explanation of its implications particular to enterprise telework, remote access, and BYOD security.

What is the key component of controlling access to network communications and protecting their content?

A major component of controlling access to network communications and protecting their content is the use of cryptography. At a minimum, any sensitive information passing over the Internet, wireless networks, and other untrusted networks should have its confidentiality and integrity preserved through use of cryptography. Federal agencies are required to use cryptographic algorithms that are NIST-approved and contained in FIPS-validated modules. The FIPS 140 specification, Security Requirements for Cryptographic Modules, defines how cryptographic modules are validated. It is important to note that for a remote access system to be considered compliant with FIPS 140, both sides of the interaction must have passed FIPS 140 validation. Many remote access systems, such as SSL VPNs, support the use of remote access client software from other vendors, so there may be two or more distinct validation certificates for a particular remote access system.

What is remote desktop access?

A remote desktop access solution gives a teleworker the ability to remotely control a particular PC at the organization, most often the user’s own computer at the organization’s office, from a telework client device. The teleworker has keyboard and mouse control over the remote computer and sees that computer’s screen on the local telework client device’s screen. Remote desktop access allows the user to access all of the applications, data, and other resources that are normally available from their PC in the office. Figure 2-3 shows the basic remote desktop access architecture. A remote desktop access client program or web browser plug-in is installed on each telework client device, and it connects directly with the teleworker’s corresponding internal workstation on the organization’s internal network.

What is a portal in remote access?

A portal is a server that offers access to one or more applications through a single centralized interface. A teleworker uses a portal client on a telework client device to access the portal. Most portals are web-based—for them, the portal client is a regular web browser. Figure 2-2 shows the basic portal solution architecture. The application client software is installed on the portal server, and it communicates with application server software on servers within the organization. The portal server communicates securely with the portal client as needed; the exact nature of this depends on the type of portal solution in use, as discussed below.

Where should a remote access server be placed?

Intermediate remote access servers connect external hosts to internal resources, so they should usually be placed at the network perimeter. The server acts as a single point of entry to the network from the perimeter and enforces the telework security policy. If remote access is needed to a particular sub-network within the organization, there are generally two options: 1) place the remote access server at the edge of the sub-network, where the sub-network joins the full network; or 2) place it at the perimeter of the full network and use additional mechanisms to restrict the teleworkers to only be able to access the specified sub-network. The value of placing the remote access server at the network perimeter versus the sub-network perimeter differs for the four types of remote access methods:

Can telework devices be stolen?

All telework devices, regardless of their size or location, can be stolen. Some thieves may want to read the contents of the data on the device, and quite possibly use that data for criminal purposes. To prevent this, an organization should have a policy of encrypting all sensitive data when it is at rest on the device and on removable media used by the device. The creation and use of cryptographic keys for encrypting remote data at rest should follow the same policies that an organization has for other keys that protect data at rest.

Where should a remote access server be placed?

Consider the network placement of remote access servers; in most cases, a server should be placed at an organization’s network perimeter so that it acts as a single point of entry to the network and enforces the telework security policy before any remote access traffic is permitted into the organization’s internal networks.

What is telework security policy?

A telework security policy should define which forms of remote access the organization permits, which types of telework devices are permitted to use each form of remote access, and the type of access each type of teleworker is granted.

What is an unsecure network?

Unsecured networks are used for remote access. Because nearly all remote access occurs over the internet, organizations normally have no control over the security of the external networks used by telework clients. Communications systems used for remote access include broadband networks, such as cable, and wireless mechanisms, such as Institute of Electrical and Electronics Engineers (IEEE) 802.11 and cellular networks. These communications systems are susceptible to eavesdropping as well as man-in-the-middle attacks to intercept and modify communications.

What are the threats to telework?

There are many threats to telework client devices, including malware, device loss or theft, and social engineering. However, because telework devices are generally at greater risk in external environments than in enterprise environments, additional security controls are recommended, such as encrypting sensitive data stored on the devices.

Why do teleworkers need additional protection?

According to the bulletin, "Telework and remote access technologies often need additional protection because their nature generally places them at higher exposure to external threats compared to technologies that are only accessed from inside the organization. Major security concerns for telework and remote access technologies include:

How to mitigate telework?

Options for mitigating this include encrypting the device’s storage, encrypting all sensitive data stored on client devices, and not storing sensitive data on client devices. For mitigating device reuse threats, the primary option is using strong authentication—preferably multi-factor—for enterprise access.
