I've read that remote access software is becoming an increasingly popular attack vector. Is this a legitimate concern...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
for enterprises, and what can be done to ensure secure use of remote access clients?
Remote access software has been a popular attack vector for a long time and is one of the many reasons why organizations have implemented VPNs and firewalls to secure remote access to their networks. Legitimate remote access software has evolved from simple telnet and terminal connections to Web-based, full remote management and publishing applications. These legitimate tools perform many functions, including remote administration and telework. However, other tools like Back Orifice, Netbus, DameWare and Zeus can be used to remotely control a system for potentially illegitimate reasons.
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
Remote access software is attacked frequently, in fact, because it is typically located outside of an organization's firewall and is often accessible from anywhere on the Internet. The business pressure to make access as efficient as possible is intense, so in order to make remote access simpler, some organizations have skirted secure authentication practices and deployed VPNs using only username and passwords. There are also numerous security vulnerabilities within remote access software that have been exploited successfully.
Enterprises can ensure secure remote access for clients and users by providing encrypted transports, strong authentication for remote access software and controlling access. Encrypted transports protect data from eavesdropping threats and potentially the integrity of data in transport. Strong authentication minimizes the chance for capturing account credentials. Different types of remote access can be controlled by allowing only approved remote access products to access approved areas of the network. Users expect to access most of their applications remotely, so enterprises will be dealing with the security issues arising from remote access software for the foreseeable future. Using these steps should minimize unsafe conditions.
Dig Deeper on Secure Remote Access
Related Q&A from Nick Lewis
Locky ransomware has, again, changed tactics by moving to using LNK files for distribution. Expert Nick Lewis explains how enterprises can adjust ...continue reading
Hajime malware was discovered to have links to the Mirai botnet that launched powerful DDoS attacks last year. Expert Nick Lewis explains how Hajime ...continue reading
Drammer, or a deterministic Rowhammer attack, was found to be more effective on ARM-based mobile devices. Expert Nick Lewis explains the issue with ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.