Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

4/20/2020
10:00 AM
Rob Smith
Rob Smith
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Remote Access Makes a Comeback: 4 Security Challenges in the Wake of COVID-19

As companies continue to support increasing numbers of work-from-home employees, the pressure to secure access and reduce risk has never been greater.

For more than two decades, enterprises have relied on VPN technologies to enable remote access to corporate applications and data. In recent years, these technologies have diminished in importance as more businesses transition to cloud-based applications and users are less dependent on access to the corporate network. Yet with enterprises forced to support a sudden surge in remote work during the coronavirus outbreak, remote access technologies have quickly made a comeback as a critical component of the enterprise technology stack.

VPNs remain popular for enterprises to connect remote users to corporate resources. Yet many organizations don't have the capacity and licenses to enable all employees for remote work during critical events such as the COVID-19 pandemic. Furthermore, always-on VPNs are being used for all of a user's connections and resource consumption, even when some users only need access to cloud-based applications and data. This often results in performance degradation, which leads to users seeking ways to bypass security and instead access applications directly.

As companies support more work-from-home employees, security teams must have the right technology in place to avoid poor performance and ensure secure access. Here are four ways that security and risk management leaders can address today's COVID-19 remote work challenges.

Challenge 1: Choose the Right Remote Access Product
VPN is not the only technology that can be used to enable remote access. Solutions such as a cloud access security broker (CASB) or zero-trust network access (ZTNA) technology can also be used for secure remote connections if the user needs access to software-as-a-service applications. These types of products offer additional corporate controls to users accessing applications outside of the corporate network through an access management (AM) tool.

Here are four key questions for security teams to consider when choosing and deploying modern high-volume remote access products:

1. Who is the user, and what is his or her job function? Some users require more bandwidth than others, like executives or mission-critical employees with above-average data analysis needs. Consider a user's job function when defining any remote use case.

2. What kind of device is being used, and who owns it? Usability and security vary widely across the spectrum of available remote devices. A corporate-owned PC is much easier to secure than a personally owned smartphone.

3. What kind of applications and data do users need to access? If employees use dedicated cloud applications, a CASB makes more sense from a performance perspective than an always-on VPN. Think about whether employees are more often accessing applications located in the cloud or on-premises.

4. Where is the user located? Consider differing data security, labor, and privacy across countries and state/local jurisdictions when choosing the remote access solution. Whether you select a VPN, CASB, or ZTNA for secure remote access, test products for scale to support critical unplanned events such as COVID-19. All enterprises should also pilot and deploy multifactor authentication (MFA) for any kind of remote access, such as phone-as-a-token authentication.

Challenge 2: Evaluate the Risks of Bring-Your-Own-Device
When the COVID-19 outbreak suddenly forced employees across a variety of sectors to work from home, some who were not equipped with the technology solutions to do so turned to personal devices, including phones, laptops, and tablets, to continue working. Bring-your-own-device (BYOD) is a practice that enables employee-owned devices (such as mobile phones, laptops, and so on) to use remote access technologies to connect to secure company networks.

While BYOD can be beneficial in some cases for reducing infrastructure costs, it presents a significant security risk when implemented without the proper technologies and policies in place. If BYOD is a part of your continuity plan, consider the type of user and the device being used when choosing a technology for BYOD access. If a user is a temporary employee or one with a lower trust level and connecting using a PC or Mac, a virtual desktop is a good option. For smartphone users, the easiest method to enable remote access for an unmanaged device is to install an application-based container.

Challenge 3: Develop a Usable Remote Work Policy
After determining use cases and technology, build an end-user remote access policy with buy-in from all business units. Ensure that any BYOD considerations are reflected in the policy. In urgent situations, such as COVID-19, escalate the policy to legal counsel. Use simple and local language, and stress the importance of employees physically signing the policy document as soon as possible.

For more information about how to lead organizations through the disruption of coronavirus, check out the Gartner coronavirus resource center, a collection of complimentary Gartner research and webinars to help organizations respond, manage, and prepare for the rapid spread and global impact of COVID-19.

Related Content:

Check out this listing of free products and services compiled for Dark Reading by Omdia analysts to help meet the challenges of COVID-19. 

Rob Smith is a Research Director within the Gartner Endpoint and Operations Security Group and is based in London. Mr. Smith advises clients on all aspects of enterprise mobility. His research predominantly focuses on life cycle management and security of mobile devices. He ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
8414351990
50%
50%
8414351990,
User Rank: Apprentice
4/27/2020 | 8:50:03 AM
Re: Pending Review
This is totaly good impressive.

Thanks for Sharing.

hindi
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
Hacking Yourself: Marie Moe and Pacemaker Security
Gary McGraw Ph.D., Co-founder Berryville Institute of Machine Learning,  9/21/2020
Startup Aims to Map and Track All the IT and Security Things
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15208
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can ...
CVE-2020-15209
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a `nullptr` buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one....
CVE-2020-15210
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d58c96946b and ...
CVE-2020-15211
PUBLISHED: 2020-09-25
In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indices f...
CVE-2020-15212
PUBLISHED: 2020-09-25
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to `segment_ids_data` can alter `output_index` and then write to outside of `outpu...