Risk
9/2/2010
01:44 PM
Connect Directly
LinkedIn
RSS
E-Mail
50%
50%

9 Steps To Enabling Remote Access, Safely

Security goes beyond encryption, authentication, and monitoring employees. We also need to ensure privileged users aren't betraying trust. Here's how.

As remote workers become more commonplace, their connections represent an increasingly vexing risk factor. For respondents to our InformationWeek Analytics 2010 Strategic Security Survey who said their companies are more vulnerable now than in 2009, 66% cited as the reason more ways to attack corporate networks, including wireless. Yet IT must ensure mobile workers have the access they need to be productive.

Here's one angle CIOs often overlook: Providing this level of 24/7 support translates to a lot of people with high access privileges working remotely--not just business users, but IT support staff as well.

Most of us have no choice but to open systems to the outside world. The challenge is to do so in a measured fashion, and in a way that allows you to track and audit access while protecting data. Here's our hit list of the top nine dangers that come with unfettered remote access, along with mitigation tips for each.

1| Danger: Running afoul of regulations Mitigation: Document the corporate data and intellectual property that you must protect

This exercise is basic--and vital. You can't even begin to audit and protect your organization's data until you know where all the important stuff resides. The results of a data discovery process can be leveraged across many different projects, including compliance, risk assessment, and data loss prevention (DLP) initiatives.

2| Danger: You can't easily correlate account activity and usage Mitigation: Rein in your account and password policy

Want an eye opener? Ask for a report on the number of general accounts in your directory services infrastructure. We're talking about those accounts called "Support" or "Payroll"--you know, the ones all 5,000 company employees seem to know the passwords to. If you're using general-purpose accounts for any authentication activities without carefully controlling access rights, you're playing Russian roulette. To the degree you can, eliminate them.

And while you're cracking down on anonymous accounts, give some thought to your password policy. Implementing strong passwords is arguably the easiest mitigation task on our list to execute. Sure, it might also be the one that generates the most hate mail to IT, but there's no getting around the fact that you can't let users select "password."

InformationWeek: September 6, 2010 Issue To read the rest of the article, download a free PDF of InformationWeek magazine
(registration required)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Cybercrime has become a well-organized business, complete with job specialization, funding, and online customer service. Dark Reading editors speak to cybercrime experts on the evolution of the cybercrime economy and the nature of today's attackers.