Question

Remote access from home is very common for those who work off-site. What security issues come to mind when establishing this connection? How does this connection protect both you and the corporate network?

Answer 1

Remote access allows mobile users and employess of the organization to contribute to the office system via remote location ie. outside the secured environment of the organization. Despite of many benefits, remote access to the system can expose the business to other risks which needs to be managed in order to protect the business.

Remote Access Issues:

• Lack of physical security controls - It may happen that while using the office system remotely via, computer or a laptop, the device may get stolen or forgotten or misplaced. Although this kind of risks can be taken care of by being more protective towards the device.
• Unauthorised access to system or data - If the authorised person uses a weak password or easy to guess login credentials such as his name, birthdate,or simple passwords such as 1234 or abcd, an attacker or unauthorised person can access the system with ease. and all the data or business credentials can be stolen or misused.
• Monitoring or manipulation of data - once the attacker or intruder gets an access to the remote system, he may monitor the data or even can change the confidential data which can lead to loss of business.

Few common security measures can protect both the system and its users such as :

1. Use of strong passwords while login. also make sure to log out of the remote system before going offline.
2. Use of firewalls and strong security measures such as vpn's ie. virtual private networks.
3. Restricting the access to unauthorised persons by setitng up 2 way authentication protocols. ie. by password plus security tokens such as otp or personal pin.
4. Allowing access to workers but limiting their use of resources or access to the main system as minimal as possible.
5. Reviewing server logs, to monitor the remote access activity performed by the user.
6. by testing the servers and systems regulary to look for the vulnerability.
7. Setting up honeytraps which behaves like original system but actually a trap led to attacker to become a victim of it.
8. Keeping firewalls and other security masures patched-up and updated.
9. Never compromise the security by using pirated softwares. Buy legitimate security softwares with licenes.
10. Use of virtual private networks can give a high level of encryption and security therby protecting .
11. And lastly raise awarness , provide your employess a proper training and raise awareness between them about the security concers and measures. make sure that the understand the security policies and follows the depicted guidelines.

Thats all for this question, do write in comment if any queries. Thank you.