During a remote access audit, there are several areas you'll want to assess. These include:
- Internet scanning and penetration testing: Look at what offerings the remote access service has exposed to the Internet, and whether there are any additional services that show up that shouldn't; these could include internal resources such as websites, databases or applications. Also, look for standard Internet vulnerabilities and any additional abnormalities that may be obvious.
- Remote access devices: Review and assess whether there are any vulnerabilities in the inventoried devices and components that will utilize the service. If required, ensure third-party background checks are run and periodically reviewed. Ascertain that there is adequate physical security at the third-party location(s). Ensure there is an established communication plan and services for access requests, credential management and incident/help desk support. Evaluate and assess the security policies of the third party accessing the service.
- Implementation: Identify and review what protocols are available for the end users. Evaluate the authentication method being used. Ascertain if the physical security of the service is adequate and effective, as well as if the logical access control methods are adequate and effective. Ensure control functions can't be bypassed and that there's a change management process in place as additional functionality and/or problem resolution are addressed. Review architecture and technologies to ensure they meet enterprise standards.
- Governance: Ensure corporate and security policies are being enforced and business continuity practices are being followed. Evaluate the logging/reporting functions and ensure the service has an effective event-analysis methodology. Evaluate and assess any remote access disaster recovery plans and ensure they are periodically reviewed and updated as necessary.
While you should work with your audit and compliance team to come up with the final list, hopefully this information will be a good start.
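
The first audit area above, checking whether services show up on the Internet that shouldn't, can be partly automated by comparing scan output against an approved baseline. This is an added example, not part of the original answer; it assumes scan results in Nmap's grepable (`-oG`) format, and the addresses, approved-port baseline and scan lines are constructed.

```python
import re

# Approved Internet-facing exposure (hypothetical baseline, e.g. from design documents).
APPROVED = {
    "203.0.113.10": {(443, "tcp"), (500, "udp"), (4500, "udp")},
}

# Constructed sample in Nmap grepable (-oG) format, not real scan data.
SAMPLE_SCAN = """\
Host: 203.0.113.10 (vpn.example.com)\tStatus: Up
Host: 203.0.113.10 (vpn.example.com)\tPorts: 443/open/tcp//https///, 3306/open/tcp//mysql///, 22/filtered/tcp//ssh///, 500/open/udp//isakmp///
Host: 203.0.113.25 ()\tPorts: 8080/open/tcp//http-proxy///
"""

HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\(([^)]*)\)\s+Ports:\s+(.*)$")

def parse_open_ports(scan_text):
    """Return {ip: {(port, proto): service}} for ports reported open."""
    result = {}
    for line in scan_text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue
        ip, _name, ports = m.groups()
        # Drop trailing tab-separated sections such as "Ignored State: ...".
        ports = ports.split("\t")[0]
        for entry in ports.split(","):
            fields = entry.strip().split("/")
            if len(fields) < 5 or fields[1] != "open":
                continue
            result.setdefault(ip, {})[(int(fields[0]), fields[2])] = fields[4]
    return result

def audit_exposure(scan_text, approved):
    """Compare observed open ports with the approved baseline."""
    observed = parse_open_ports(scan_text)
    findings = {"unexpected": [], "missing": []}
    for ip, ports in sorted(observed.items()):
        for key, service in sorted(ports.items()):
            if key not in approved.get(ip, set()):
                findings["unexpected"].append((ip, key[0], key[1], service))
    for ip, ports in sorted(approved.items()):
        for key in sorted(ports):
            if key not in observed.get(ip, {}):
                findings["missing"].append((ip, key[0], key[1]))
    return findings

if __name__ == "__main__":
    print(audit_exposure(SAMPLE_SCAN, APPROVED))
```

"Unexpected" entries are candidates for the audit report (here an exposed database port and a host that is not in the baseline at all); "missing" entries indicate an approved service the scan did not see open, which may mean the baseline is stale or the scan was incomplete.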