
4/20/2020
10:00 AM
Rob Smith
Commentary

Remote Access Makes a Comeback: 4 Security Challenges in the Wake of COVID-19

As companies continue to support increasing numbers of work-from-home employees, the pressure to secure access and reduce risk has never been greater.

For more than two decades, enterprises have relied on VPN technologies to enable remote access to corporate applications and data. In recent years, these technologies have diminished in importance as more businesses transition to cloud-based applications and users are less dependent on access to the corporate network. Yet with enterprises forced to support a sudden surge in remote work during the coronavirus outbreak, remote access technologies have quickly made a comeback as a critical component of the enterprise technology stack.

VPNs remain popular for enterprises to connect remote users to corporate resources. Yet many organizations don't have the capacity and licenses to enable all employees for remote work during critical events such as the COVID-19 pandemic. Furthermore, always-on VPNs are being used for all of a user's connections and resource consumption, even when some users only need access to cloud-based applications and data. This often results in performance degradation, which leads to users seeking ways to bypass security and instead access applications directly.

As companies support more work-from-home employees, security teams must have the right technology in place to avoid poor performance and ensure secure access. Here are four ways that security and risk management leaders can address today's COVID-19 remote work challenges.

Challenge 1: Choose the Right Remote Access Product
VPN is not the only technology that can be used to enable remote access. Solutions such as a cloud access security broker (CASB) or zero-trust network access (ZTNA) technology can also be used for secure remote connections if the user needs access to software-as-a-service applications. These types of products offer additional corporate controls to users accessing applications outside of the corporate network through an access management (AM) tool.

Here are four key questions for security teams to consider when choosing and deploying modern high-volume remote access products:

1. Who is the user, and what is his or her job function? Some users require more bandwidth than others, like executives or mission-critical employees with above-average data analysis needs. Consider a user's job function when defining any remote use case.

2. What kind of device is being used, and who owns it? Usability and security vary widely across the spectrum of available remote devices. A corporate-owned PC is much easier to secure than a personally owned smartphone.

3. What kind of applications and data do users need to access? If employees use dedicated cloud applications, a CASB makes more sense from a performance perspective than an always-on VPN. Think about whether employees are more often accessing applications located in the cloud or on-premises.

4. Where is the user located? Consider differing data security, labor, and privacy across countries and state/local jurisdictions when choosing the remote access solution.

Whether you select a VPN, CASB, or ZTNA for secure remote access, test products for scale to support critical unplanned events such as COVID-19. All enterprises should also pilot and deploy multifactor authentication (MFA) for any kind of remote access, such as phone-as-a-token authentication.

Challenge 2: Evaluate the Risks of Bring-Your-Own-Device
When the COVID-19 outbreak suddenly forced employees across a variety of sectors to work from home, some who were not equipped with the technology solutions to do so turned to personal devices, including phones, laptops, and tablets, to continue working. Bring-your-own-device (BYOD) is a practice that enables employee-owned devices (such as mobile phones, laptops, and so on) to use remote access technologies to connect to secure company networks.

While BYOD can be beneficial in some cases for reducing infrastructure costs, it presents a significant security risk when implemented without the proper technologies and policies in place. If BYOD is a part of your continuity plan, consider the type of user and the device being used when choosing a technology for BYOD access. If a user is a temporary employee or one with a lower trust level and connecting using a PC or Mac, a virtual desktop is a good option. For smartphone users, the easiest method to enable remote access for an unmanaged device is to install an application-based container.

Challenge 3: Develop a Usable Remote Work Policy
After determining use cases and technology, build an end-user remote access policy with buy-in from all business units. Ensure that any BYOD considerations are reflected in the policy. In urgent situations, such as COVID-19, escalate the policy to legal counsel. Use simple and local language, and stress the importance of employees physically signing the policy document as soon as possible.

For more information about how to lead organizations through the disruption of coronavirus, check out the Gartner coronavirus resource center, a collection of complimentary Gartner research and webinars to help organizations respond, manage, and prepare for the rapid spread and global impact of COVID-19.


Rob Smith is a Research Director within the Gartner Endpoint and Operations Security Group and is based in London. Mr. Smith advises clients on all aspects of enterprise mobility. His research predominantly focuses on life cycle management and security of mobile devices. He ...
 

Comments
8414351990,
User Rank: Apprentice
4/27/2020 | 8:50:03 AM
Re: Pending Review
This is totally good impressive.

Thanks for Sharing.
