Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

4/29/2020
03:00 PM
50%
50%

7 Secure Remote Access Services for Today's Enterprise Needs

Secure remote access is a "must" for enterprise computing today, and there are options for you to explore in the dynamic current environment.
Previous
1 of 8
Next

When much of enterprise IT access has become remote access, it makes sense to give more than a passing thought to secure remote access. While plenty of vendors claim to provide this worthwhile service, what, precisely, is it?  

Secure remote access can include any (or many) of a number of services, from endpoint security to user authentication to VPNs. When looking at products and services that advertise themselves under the broad label of "secure remote access," it's important to know which of these services is being offered.

Aside from the obvious need during the time of social distancing, this is a good time to explore secure remote access because many companies are offering their services at no cost for a limited time. Dark Reading and its sister research company Omdia have been trying to keep track of all the companies offering free products and services now: A frequently updated list can be found here.

This article looks at a few representative products and services from the list, with an eye toward using them to illustrate the possibilities available within the secure remote access category. The list here is not intended to be encyclopedic: For that, look to the link above. It is meant to spur some discussion and thought about which capabilities might make your organization's remote workers a bit more secure when they access corporate assets.

Speaking of the discussion, we'd love to know whether you and your company have used any of the products on the list. Are there other products that you've found to be fundamental to secure remote access in your situation? Let us (and your fellow readers) know in the comment section. We'll look forward to seeing you there.  

(Image: metamorworks via Adobe Stock)

 

Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and ... View Full Bio

Previous
1 of 8
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
4/30/2020 | 1:58:10 PM
Re: High Level Summary for Best Practice Security
Over simplification of course but my previous response contains some high priority practices.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
4/30/2020 | 1:52:54 PM
High Level Summary for Best Practice Security
1) VPN

2) MFA

3) Prudent Decision making from Security Training

4) Patching
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/4/2020
Abandoned Apps May Pose Security Risk to Mobile Devices
Robert Lemos, Contributing Writer,  5/29/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13768
PUBLISHED: 2020-06-04
In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued.
CVE-2020-13849
PUBLISHED: 2020-06-04
The MQTT protocol 3.1.1 requires a server to set a timeout value of 1.5 times the Keep-Alive value specified by a client, which allows remote attackers to cause a denial of service (loss of the ability to establish new connections), as demonstrated by SlowITe.
CVE-2020-13848
PUBLISHED: 2020-06-04
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
CVE-2020-11682
PUBLISHED: 2020-06-04
Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A __RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all requests and the request ...
CVE-2020-12847
PUBLISHED: 2020-06-04
Pydio Cells 2.0.4 web application offers an administrative console named “Cells Console� that is available to users with an administrator role. This console provides an administrator user with the possibility of changing several settings, including the applicat...