Book Demo!

Millions of workers are now working from home. For anyone in IT or security, the move towards remote access creates a new set of challenges and security threats.

The most common way to offer remote access is through VPN. But this can create speed issues. VPNs typically consume up to 20% of a company’s bandwidth. With everyone connecting to VPN this will create bottlenecks. Most companies have likely added capacity to help address this, but remote workers should expect that systems will run slower over VPN.

Security is another big concern. While VPNs are a good option for office workers, they can still be insecure and unreliable. VPN opens access to the whole network instead of several resources. With so many people working off VPNs, this increases security risks by creating new entry points for malicious actors to execute malware, ransomware, phishing and brute force attacks. Employees and companies can expect an increase in attacks as bad actors dial-up their threats.

As companies (and their IT departments) work to ensure remote access for workers and maintain security, keep these 5 tips in mind:

1. Update VPNs and Install Patches – If you haven’t already, make sure you have installed all updates and patches to your VPN network. Hackers have increased their attacks on VPN vulnerabilities.

2. Strong Passwords – This goes without saying but remote workers should have strong passwords that are regularly rotated. If your password policies don’t require regular rotation, you may want to update them or ask employees to rotate them every few weeks – especially while working from insecure home WiFi networks.

3. Add Multifactor Authentication – many companies already use MFA and using it in conjunction with VPN adds another layer of security. If you are not using MFA, now is a good time to consider it. At its core, multifactor authentication provides an added access control that requires a user to present multiple pieces of evidence or identifiers (usually a one-time passcode) before granting access to company systems. With MFA, even if passwords are stolen, it’s unlikely that the hacker also has the phone and OTP generator.

4. Implement a Secure Gateway for IT Admins and Privileged Users – Not all remote users are the same. Most of your workers need access to email and a few other resources to perform their job. VPN with MFA works for these employees. But IT admins need access to your network and accounts, including Windows, Unix, AWS or Azure Instances, Mainframes, Cisco and Juniper Network Devices, Websites or Web Management Portals. VPNs are not designed for this level of privileged user. You need a Secure Gateway that brokers access using HTTPs to specific resources. This way you can use your existing identity provider such as Active Directory (AD), AzureAD, Office365, Google Authentication, etc, to access privileged accounts such as root or Administrator.  This also frees up speed by eliminating the need for VPNs for IT admins and privileged users.

5. Implement Principle of Least Privilege – Whether it’s general workers or IT admins, you want to implement the principle of least privilege. This ensures people only have access to the systems they need and no more.

XTAM Remote Employee Gateway

At Xton, we know these are challenging times and companies are continuously updating their business continuity plans. In an effort to help companies provide secure remote access to their privileged users, the XTAM Remote Employee Gateway is free for new installations through June 1.

XTAM Remote Employee Gateway uses a modern architecture and is cloud-ready which makes it easy to set up quickly.  The goal is to help companies securely lock their systems behind their firewall and use a secure gateway to provide access to IT admins. The added benefit is that XTAM also offers session monitoring, video recording, and notifications required for auditing and compliance. Something that VPN cannot provide.

With a 10-minute download, companies can set up a secure gateway quickly, implement least privilege and have audit capabilities. You will also have peace of mind knowing that IT admins can access critical infrastructure security minimizing the risk of a breach.

Banner image by Business vector created by stories – www.freepik.com


Mark Klinchin

I am Co-Founder and CEO of Xton Technologies. I am interested in computers, software development, cyber security, content management, photography, image processing and mathematics.

Related Posts

Industry

Improving Database Security with Privileged Access Management

Cybercriminals and hackers want access to your most sensitive information and systems. Customer data, PPI, and company secrets are often kept in databases. With cyber threats on the rise, database security has never been more Read more…

Industry

The Challenge with Jump Servers and Privileged Accounts

A lot of companies rely on jump servers as part of their security strategy.  It’s common for a company to create a jump server for IT administrators to connect to SSH and RDP as part Read more…

Industry

Insider Abuse, Google and Privileged Users

Recent news reports found that Google fired dozens of employees from 2018 -2020 for abusing their access to company data. While insider abuse is not new, it is a growing threat and one that companies Read more…

Copyright © 2020 Xton Technologies, LLC. All rights reserved.