Remote Access Risks

Remote Access Risks

With software and services like accounting, email and Customer Relation Management (CRMs) being “in the cloud”, users are able to work from anywhere in the world and from almost any device. Users can also connect into the office with VPNs or Remote Desktop / Teamviewer-like programs for complete access to their files.

This freedom does introduce some risks to businesses if users are connecting from ‘unknown’ PCs. Does the users’ computer have an antivirus?
What if they have lost their phone & the passwords to work are saved in their address book?
Is there any sensitive material available if the system is shared with their children?

To avoid the virtual ‘can of worms’, businesses need to have an appropriate Remote Access Policy that outlines the dos and don’t when accessing business assets.

To make life a little easier, we have published a Remote Work Policy Template (@ https://ictaa.com.au) for businesses to use as a baseline when setting the rules for users and their devices.

Remote Access: Top 3 Security Risks

Some of the most common security risks associated with ineffective remote management include:

  1. Not encrypting data. Encryption is often considered the most effective way to achieve data security, and is defined as “the conversion of electronic data into another form, called ciphertext, which cannot be easily understood by anyone except authorized parties.”
  2. Weak web protection. With the average cost of cybercrime reaching $7 million per organization annually, companies cannot afford to be frugal about web protection. Web filtering blocks webpages that may contain malicious content, including malware, spyware and viruses, as well as deny website access based on URL, page type, user and device.
  3. Ineffective asset tracking. An IT tracking solution provides visibility into all of the managed computers on a network, enabling you to make consistent updates, be alerted when new devices are added and uncover potential IT problems before they become glaring issues.

Sources:
SANS Institute: https://www.sans.org/reading-room/whitepapers/vpns/remote-access-vpn-security-concerns-policy-enforcement-881
TechTarget: http://searchsecurity.techtarget.com/definition/encryption

Share this post