« Social media bandwagons…aka the worst things on the planet | Main | Yellow is the new blue »

Remote access can sink your business

Dave Nelson, CISSP is president and CEO of Integrity

Providing the ability to access critical systems and data via remote locations is critical for most organizations today. Allowing employees to work from home if they have sick kids, employing remote office workers to attract and retain top talent, and enabling disaster recovery and business continuity procedures are all valid reasons that companies implement remote access.

If not implemented properly however, unauthorized users are just as likely to gain access to the crown jewels as your employees. One of the easiest ways to hack an organization is through the remote access provided to employees. 

Windows 2003 is still frequently used to provide remote access to employees, students, contractors and vendors. This operating system was released 12 years ago. Consider the following things that happened in 2003. Apple iTunes was released with just 200,000 songs. The movie "Finding Nemo" was released. LeBron James was an NBA rookie. And the first iPhone was still four years away.

Kind of makes 2003 seem like an eternity ago, doesn’t it? From a technology perspective it might as well have been a century ago.

Often we implement technology solutions which seem to continue to work well and serve their purpose. Because they are working, we leave them alone. What we fail to do is continually review the risks to our business as the technology matures and the threats evolve. Remote access is a perfect example.

It is not just Windows 2003 Terminal Services that are out of date. Firewalls, VPN concentrators, Citrix Remote Desktops, and other tools have had vulnerabilities discovered which need to be remediated. Not using two-factor authentication or not using application virtualization and proxies to deliver applications remotely are areas where organizations are assuming too much risk as well.

Two of the recent data breaches Integrity has investigated started with attacks against remote access. Once the hacker was able to control the remote access system, they had the opportunity to gain access to vital systems and data at the victim organization.  Because this was expected behavior and the systems weren’t closely monitored, the hacking activity went unnoticed for months.

Systems that haven’t been patched, or where the architecture hasn’t been updated to address the evolving threats of today’s world, are most at risk. The security event logs from these remote access systems must also be closely monitored to identify attacks and provide appropriate response times.

The risks to your business and customers from remote access is great. This is one area of technology that requires constant risk assessment, technology updates or upgrades, and thorough security monitoring. Protecting against hackers is often hard work, but sometimes it’s simply a matter reviewing what’s already being done to ensure those efforts are still yielding the results you expect.

Dave-Nelson-2015-biz-blogDave Nelson is president and CEO of Integrity. 

Email: dave.nelson@integritysrc.com

Twitter: @integritySRC | @integrityCEO

Website: integritysrc.com

Comments

The comments to this entry are closed.

« Social media bandwagons…aka the worst things on the planet | Main | Yellow is the new blue »

Technorati Bookmark: Remote access can sink your business

This site is intended for informational and conversational purposes, not to provide specific legal, investment, or tax advice.  Articles and opinions posted here are those of the author(s). Links to and from other sites are for informational purposes and are not an endorsement by this site’s sponsor.