Secure remote access to survive and thrive
作为世界期间和大流行后搞清楚了，有一两件事是肯定的 - 远程工作是在这里留下来。幸运的是，技术可以提供，以确保操作访问所需的可视性，无论员工是在办公室还是在家里工作。虽然这种灵活性还没有那么容易过去拥抱，安全远程访问（SRA）现在被广泛用于帮助企业生存和发展。
另一项调查发现COVID-19相关的钓鱼邮件都在上升，与许多不同的嵌入恶意株作为附件。AgentTesla（45％），NetWire（30％），和LokiBot（8％）是最积极开拓恶意软件家族，在说新加坡集团-IB的计算机紧急响应小组的（CERT-GIB）的研究人员。亚洲必赢With some minor differences, the goal of all these malware samples is to harvest user credentials from browsers, mail clients and file transfer protocol (FTP) clients, as well as capture screenshots, and secretly track user behavior and send it to cybercriminals’ command and control centers.
Loss of control
“One of the things that’s changed is that a corporation no longer has control over the infrastructure its employees are using for work,” said Pam Johnson, vice president of customer experience at Dallas-TX-based solution provider, TDi Technologies. “For example, they’re using personal computers to access the business network. They’re using unsecured WiFi to access operational systems. That’s a fundamental issue that could result in malware making it through from personal computers, going over a home WiFi to the business network.”
“We’re used to knowing who’s touching our critical infrastructure, because outsiders have had to sign into a visitor log,” said Bill Johnson, chief executive and founder of TDi. “And when they’re onsite, all the cyber hygiene, cyber protocols, and visitor protocols are being met. They’re not bringing in USBs or laptops from the outside, they’re using equipment contained within the four walls of the business. But with so many remote workers, cyber challenges are added onto the personal and physical-distancing challenges that now exist.”
A big spike in the number of people working from home, and most likely continuing to do so, has brought about a change in the micro view of how employees operate and in the macro perspective of how industry could operate in the future. The pandemic has forced an industry that’s slow to change even the smallest of details into accepting supporting technology.
“我们已经91年以来，以提供不同行业的远程访问，我还没有发现人前如此渴望。而且，不仅是他们渴望看看安全的远程访问，他们正在向我们走来与需求的购物清单，”比尔·约翰逊说。“‘You must be IT-centric or OT-centric, or be able to create a unified view.’ That’s another thing we’re hearing a lot of, ‘I’ve got these other tools, and you have to integrate with those, or you have to be able to allow me to access these other critical tools that I use to manage my business.’ So, the pandemic has led to people becoming more educated about security requirements. In the past, it was a nice-to-have. Now it’s a must-have.”
“I’ve found that people were often the inhibitor to technology, in that they simply didn’t want to allow technology to be accessible remotely,” Bill Johnson said. “Historically, SCADA technologies and OT technologies haven’t been connected to a network that could be remotely accessed. So, consequently, some organizations default to ‘security by obscurity.’ But the COVID-19 pandemic has forced companies to re-think both people and processes.”
While it might be preferable for employees to be physically present, secure remote access technology allows organizations to manage remote access to critical systems in a responsible, secure way, providing situational awareness and auditability to see who is touching the business infrastructure.
“Remote access might be the only way right now to keep a business alive and generating revenue, but if you do it incorrectly, you can put the business out of business,” Bill Johnson said. “That’s why the people in the process have always been a blockage. And it’s also why companies are being very specific about the technology capabilities they need to do it right.”
“From a business perspective, we always want to know who, and where are workers coming from,” Bill Johnson said. “What are they doing? How are they doing it? Are they authorized to be here? Show me the log and the audit, and tracking of their remote access.”
Eight secure remote access tips for companies, two for employees
For companies, they should:
- Protect everything with firewalls, VPNs and two-factor authentication (basically zero trust)
- Monitor remote access connections to gain visibility into all remote systems interacting with your network
- Evaluate how those servers are configured, what software is on them and what version it is, and all automation behind the scenes
- Keep a log of configuration or firmware changes, what was done and by whom.
- During remote access, double check the location you’re going to visit before going there