Having secure remote access available to work-from-home employees is becoming increasingly important for modern companies. Many industries have made large investments in remote access services without realizing these investments come with a variety of inherent problems. Remote access threats are unique and if proper measures are not implemented significant threats to corporate information can exist.
The most common vulnerabilities with remote access technologies are poor identity validation and weak authentication. Most remote access tools simply rely on a traditional user ID and password. Unfortunately, when common ID’s and passwords are shared it leads to mass vulnerabilities. It is important for organizations to monitor remote access and be sure to use multi-factor authentication. Multi-factor authentication is a process where a person proves their identity with two of three methods: “something you know”, “something you have” or “something you are”. This could be attained by simply having users enter their username (“something you know”) and then enter a PIN that appears on a token (“something you have”).
Contracting malware is another major risk when permitting remote access. Allowing users to connect with unauthorized devices (i.e. Home PC) poses the risk of malicious software or malware spreading to your network. Viruses, Trojans and worms can piggyback the remote connection and gain access to the network. It is important that users with remote access have antivirus software installed on their devices and your remote access system verifies antivirus protection exists before allowing connectivity to your network.
Finally, make sure remote access privileges are monitored and disabled when they are no longer needed. In other words, don’t let a former employee retain access. To many times disgruntled former employees raise havoc on networks because management and administrators delay revoking access to corporate resources.
Verizon’s 2012 Data Breach Investigations Report indicates that remote access services were involved in 88% of all hacking breaches in 2011 and of all the reported incidents involving malware in 2011, compromised remote access resulted in infections 95% of the time. So if you are thinking about making remote access an important part of your business, and you transmit sensitive information, it may be worthwhile to contact your EarthLink representative today to learn more about our managed Secure Remote Access service.