I've read that remote access software is becoming an increasingly popular attack vector. Is this a legitimate concern for enterprises, and what can be done to ensure secure use of remote access clients?
Remote access software has been a popular attack vector for a long time and is one of the many reasons why organizations have implemented VPNs and firewalls to secure remote access to their networks. Legitimate remote access software has evolved from simple telnet and terminal connections to Web-based, full remote management and publishing applications. These legitimate tools perform many functions, including remote administration and telework. However, other tools like Back Orifice, Netbus, DameWare and Zeus can be used to remotely control a system for potentially illegitimate reasons.
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
Remote access software is attacked frequently, in fact, because it is typically located outside of an organization's firewall and is often accessible from anywhere on the Internet. The business pressure to make access as efficient as possible is intense, so in order to make remote access simpler, some organizations have skirted secure authentication practices and deployed VPNs using only username and passwords. There are also numerous security vulnerabilities within remote access software that have been exploited successfully.
Enterprises can ensure secure remote access for clients and users by providing encrypted transports, strong authentication for remote access software and controlling access. Encrypted transports protect data from eavesdropping threats and potentially the integrity of data in transport. Strong authentication minimizes the chance for capturing account credentials. Different types of remote access can be controlled by allowing only approved remote access products to access approved areas of the network. Users expect to access most of their applications remotely, so enterprises will be dealing with the security issues arising from remote access software for the foreseeable future. Using these steps should minimize unsafe conditions.
This was first published in September 2012