NIST also recommends placing remote access servers at the network perimeter and defines four types of remote access methods:
- Tunneling servers provide administrators control over the internal resources for remote worker access at the network...
- Portal servers that run the application client software on the servers themselves. Placing them at the network perimeter...
Full Answer
How to develop a remote work security policy?
Develop a remote work security policy that defines telework, remote access, and BYOD requirements. Remote work security policies should define the forms of remote access permitted, the types of devices that can be used and the type of access allowed for each type of remote worker.
What are the NIST guidelines for remote work security?
Below are key guidelines recommended by the National Institute of Standards and Technology ( NIST) in supporting standard users, privileged administrators, BYOD and third parties. Plan remote work-related security policies and controls based on the assumption that external environments contain hostile threats.
What is remote access and how does it work?
Most teleworkers use remote access, which is the ability to access their organization's non-public computing resources from locations other than the organization's facilities.
How do I enforce access restrictions for remote access?
Enforcing access restrictions for remote access is addressed via AC-3. Employ automated mechanisms to monitor and control remote access methods. Implement cryptographic mechanisms to protect the confidentiality and integrity of remote access sessions. Route remote accesses through authorized and managed network access control points.
What is an access system?
Access by users (or information systems) communicating external to an information system security perimeter. Access to an organizational system by a user (or a process acting on behalf of a user) communicating through an external network.
What is remote access?
Definition (s): Access to an organizational information system by a user (or an information system) communicating through an external, non-organization-controlled network (e.g., the Internet). Source (s):
What is the key component of controlling access to network communications and protecting their content?
major component of controlling access to network communications and protecting their content is the use of cryptography. At a minimum, any sensitive information passing over the Internet, wireless networks, and other untrusted networks should have its confidentiality and integrity preserved through use of cryptography. Federal agencies are required to use cryptographic algorithms that are NIST-approved and contained in FIPS-validated modules. The FIPS 140 specification, Security Requirements for Cryptographic Modules, defines how cryptographic modules are validated.24 It is important to note that for a remote access system to be considered compliant to FIPS 140, both sides of the interaction must have passed FIPS 140 validation. Many remote access systems, such as SSL VPNs, support the use of remote access client software from other vendors, so there may be two or more distinct validation certificates for a particular remote access system.
What is a health check for telework?
After verifying the identity of a remote access user, organizations may choose to perform checks involving the telework client device to determine which internal resources the user should be permitted to access. These checks are sometimes called health, suitability, screening, or assessment checks. The most common way of implementing this is having the remote access server perform health checks on the teleworker's client device. These health checks usually require software on the user’s device that is controlled by the remote access server to verify compliance with certain requirements from the organization’s secure configuration baseline, such as the user’s antimalware software being up-to-date, the operating system being fully patched, and the user’s device being owned and controlled by the organization. Fewer health checks are generally available on mobile devices, but an important check usually provided is to determine if a mobile device has been rooted or jailbroken, which can have serious negative security implications.23
What is remote desktop access?
remote desktop access solution gives a teleworker the ability to remotely control a particular PC at the organization, most often the user’s own computer at the organization’s office, from a telework client device. The teleworker has keyboard and mouse control over the remote computer and sees that computer’s screen on the local telework client device’s screen. Remote desktop access allows the user to access all of the applications, data, and other resources that are normally available from their PC in the office. Figure 2-3 shows the basic remote desktop access architecture. A remote desktop access client program or web browser plug-in is installed on each telework client device, and it connects directly with the teleworker’s corresponding internal workstation on the organization’s internal network.
What is a portal in remote access?
A portal is a server that offers access to one or more applications through a single centralized interface. A teleworker uses a portal client on a telework client device to access the portal. Most portals are web-based—for them, the portal client is a regular web browser. Figure 2-2 shows the basic portal solution architecture. The application client software is installed on the portal server, and it communicates with application server software on servers within the organization. The portal server communicates securely with the portal client as needed; the exact nature of this depends on the type of portal solution in use, as discussed below.
What is telework in business?
Many people telework (also known as telecommuting), which is the ability for an organization’s employees, contractors, business partners, vendors, and other users to perform work from locations other than the organization’s facilities. Teleworkers use various client devices, such as desktop and laptop computers, smartphones, and tablets, to read and send email, access websites, review and edit documents, and perform many other tasks. These client devices may be controlled by the organization, by third parties (the organization’s contractors, business partners, or vendors), or by the users themselves (e.g., BYOD). Most teleworkers use remote access, which is the ability for an organization’s users to access its non-public computing resources from external locations other than the organization’s facilities.
What is a telework document?
The purpose of this document is to assist organizations in mitigating the risks associated with the enterprise technologies used for telework, such as remote access servers, telework client devices (including bring your own device [BYOD] and contractor, business partner, and vendor-controlled client devices, also known as third-party-controlled devices), and remote access communications. The document emphasizes the importance of securing sensitive information stored on telework devices and transmitted through remote access across external networks. This document provides recommendations for creating telework-related policies and for selecting, implementing, and maintaining the necessary security controls for remote access servers and clients.
Why is remote access important?
The security of remote access servers, such as VPN gateways and portal servers, is particularly important because they provide a way for external hosts to gain access to internal resources, as well as a secured, isolated telework environment for organization-issued, third-party-controlled, and BYOD client devices. In addition to permitting unauthorized access to enterprise resources and telework client devices, a compromised server could be used to eavesdrop on communications and manipulate them, as well as a “jumping off” point for attacking other hosts within the organization. Recommendations for general server security are available from NIST SP 800-123, Guide to General Server Security. Remote access servers should be kept fully patched, operated using an organization-defined security configuration baseline, and managed only from trusted hosts by authorized administrators.
What is cloud native service?
Using the cloud-native service, administrators can leverage the cloud-native service to effortlessly provision and deprovision access to virtual machines, applications and services with granular role-based access profiles.
What is check point corporate access?
By supporting a variety of protocols, Check Point Corporate Access enables secure access to databases (SQL), administration terminals (SSH) and remote desktops (RDP). Integrating with any Identity Provider, its lightweight Privileged Access management (PAM) module offers built-in SSH server key management to ensure the security of an organization’s crown jewels.
What is remote work security?
Remote work security policies should define the forms of remote access permitted, the types of devices that can be used and the type of access allowed for each type of remote worker. The policies should also cover how remote access servers are administered and how their policies are updated. Organizations should make risk-based decisions about ...
Does remote desktop access involve remote access?
Remote desktop access does not involve remote access servers, so there is no issue with the placement of the remote access server. Direct application access servers run the application server software on the servers themselves. Placing them at the network perimeter has a similar effect as the remote access user is only running applications on ...
What is remote access?
Remote access is access to organizational systems (or processes acting on behalf of users) that communicate through external networks such as the Internet. Types of remote access include dial-up, broadband, and wireless. Organizations use encrypted virtual private networks (VPNs) to enhance confidentiality and integrity for remote connections. The use of encrypted VPNs provides sufficient assurance to the organization that it can effectively treat such connections as internal networks if the cryptographic mechanisms used are implemented in accordance with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines. Still, VPN connections traverse external networks, and the encrypted VPN does not enhance the availability of remote connections. VPNs with encrypted tunnels can also affect the ability to adequately monitor network communications traffic for malicious code. Remote access controls apply to systems other than public web servers or systems designed for public access. Authorization of each remote access type addresses authorization prior to allowing remote access without specifying the specific formats for such authorization. While organizations may use information exchange and system connection security agreements to manage remote access connections to other systems, such agreements are addressed as part of CA-3. Enforcing access restrictions for remote access is addressed via AC-3.
Why use encrypted VPN?
The use of encrypted VPNs provides sufficient assurance to the organization that it can effectively treat such connections as internal networks if the cryptographic mechanisms used are implemented in accordance with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines.
Does VPN allow remote access?
Still, VPN connections traverse external networks, and the encrypted VPN does not enhance the availability of remote connections. VPNs with encrypted tunnels can also affect the ability to adequately monitor network communications traffic for malicious code. Remote access controls apply to systems other than public web servers or systems designed ...
