More than 40 percent of top executives from the CNBC Technology Executive Council confirm that data and cyber-attacks have surged since the majority of their workforce is working from home. While many organizations are moving to define a new norm for Work from Home, most use a hybrid environment, and many of their on-premises components aren’t going anywhere soon.
As CIOs and CISOs navigate these turbulent times, keeping employees safe and running business operations is of supreme importance currently. As millions of workforce now work from home including IT teams, mistakes and human errors are bound to open door to cyber attackers. As people continue to remain a perimeter control in an organization, hackers continue to exploit vulnerabilities and focus their efforts on compromising user credentials. IT teams have now been forced to run privileged activities outside the conventional IT setup. Some of these processes of remote access have never been stress-tested or risk-evaluated in the past. Protecting access to these technologies is critical, as VPNs and Virtual Desktops become the new attack vectors for cyber attackers, and the gateway to your internal networks.
Considering the rapid surge of this pandemic, IT Teams were not completely prepared for a massive spike in work from home environments. Privileged users, developers, application team users have been accustomed to working from hardened, monitored and controlled office machines. However, this wave has forced organizations to ship desktops to allow employees work from home and sustain business as usual. Some organizations have allowed access from personal devices to office environments with/without normal VPN setups. Needless to mention, in such scenarios, employee access is susceptible to unknown environmental attacks like on Wi-Fi network. Organizations at the same time must evaluate risk of increasing cases of insider threats, data leakages and unmonitored access.
VPN based access or Direct Access to Cloud Servers
In normal scenarios, many internal IT users require a specific environment to operate and often access their workstations. In case of external users, a specific access is provided to RDP or SSH sessions via VPN. VPNs normally provide security of encrypting the traffic with some providers adding features for basic device health check and source country check. In a privileged access scenario, this normally means a user with a potentially unknown & possibly vulnerable machine eventually has high privilege access to your environment. This also means that normal controls of data movements, identity checks, audit logging are limited. Learn more on the vulnerabilities of a VPN based remote access here.
Public cloud environment is susceptible to attacks where direct server access is granted to IT teams. While this is common scenario for test environments, a poor network configuration or misconfiguration could expose your network to a major breach hotspot.
Isolated Privileged Sessions
Isolating privileged sessions from the outside world or your trusted users accessing from anywhere is an ideal scenario for planning your privileged access strategy for work from home users. Provisioning Bastion Hosts to secure your production environment (on-premise, public or private cloud) without boundaries is recommended to withstand attacks while allowing access to critical applications & assets. Often managing Bastion hosts like Windows Terminal Servers require skills for specialized hardening parameters, network re-configuration & additional licensing issues & additional user access management (if managed outside your trusted windows domain).
Sanitize your Attack Surface with Sectona PAM’s True Session Isolation
Sectona Privileged Access Management is a quick to deploy solution with option for software defined proxies for RDP, SSH & Web Sessions with pre-configuration setup for allowing access using Windows Terminal Services.
It has an advanced technology that seamlessly allows RDP, SSH, Web sessions over TLS on port 443 enabling you to traverse corporate firewalls easily. With added control of restricted movement of data and isolating the user machine to connect to your environment significantly reduces your attack surface.
Know more about Sectona Privileged Access Management here.