I've read that remote access software is becoming an increasingly popular attack vector. Is this a legitimate concern...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
for enterprises, and what can be done to ensure secure use of remote access clients?
Remote access software has been a popular attack vector for a long time and is one of the many reasons why organizations have implemented VPNs and firewalls to secure remote access to their networks. Legitimate remote access software has evolved from simple telnet and terminal connections to Web-based, full remote management and publishing applications. These legitimate tools perform many functions, including remote administration and telework. However, other tools like Back Orifice, Netbus, DameWare and Zeus can be used to remotely control a system for potentially illegitimate reasons.
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
Remote access software is attacked frequently, in fact, because it is typically located outside of an organization's firewall and is often accessible from anywhere on the Internet. The business pressure to make access as efficient as possible is intense, so in order to make remote access simpler, some organizations have skirted secure authentication practices and deployed VPNs using only username and passwords. There are also numerous security vulnerabilities within remote access software that have been exploited successfully.
Enterprises can ensure secure remote access for clients and users by providing encrypted transports, strong authentication for remote access software and controlling access. Encrypted transports protect data from eavesdropping threats and potentially the integrity of data in transport. Strong authentication minimizes the chance for capturing account credentials. Different types of remote access can be controlled by allowing only approved remote access products to access approved areas of the network. Users expect to access most of their applications remotely, so enterprises will be dealing with the security issues arising from remote access software for the foreseeable future. Using these steps should minimize unsafe conditions.
Dig Deeper on Secure remote access
Related Q&A from Nick Lewis
DoubleAgent malware is a proof of concept for a zero-day vulnerability that can turn antivirus tools into attack vectors. Expert Nick Lewis explains ...continue reading
A new POS malware downloads a RAM scraper to avoid detection. Expert Nick Lewis explains the tricks MajikPOS uses to target retail terminals and how ...continue reading
An Apache Struts vulnerability is still being exploited, even though it has already been patched. Expert Nick Lewis explains why the Struts platform ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.