
Remote Users and Security: Running Isolated Privileged Sessions

More than 40 per cent of top executives from the CNBC Technology Executive Council have confirmed that data and cyber-attacks on remote users have surged since the start of the work-from-home model. After the COVID-19 pandemic, a large number of organizations have started to define a new norm for working from home. Other companies are embracing a hybrid environment, and many of their on-premises components aren't going anywhere soon.

CIOs and CISOs are navigating these turbulent times: keeping employees safe by shifting to remote work while protecting business operations from cyber threats. As millions of the workforce work from home, including IT teams, mistakes and human errors are bound to open the door to cyber attackers.

As people remain a perimeter control in an organization, attackers continue to exploit vulnerabilities and focus their efforts on compromising user credentials. IT teams have now been forced to run privileged activities outside the conventional IT setup, as remote users. Some of these remote access processes have never been stress-tested or risk-evaluated. Protecting access to these technologies is critical, as VPNs and virtual desktops have become the new attack vectors and the gateway into your internal networks for cyber attackers.

Given how rapidly the pandemic surged, IT teams were not entirely prepared for a massive spike in work-from-home environments. Privileged users, developers and application teams had been accustomed to working from hardened, monitored and controlled office machines. However, the pandemic wave forced organisations to ship desktops so that employees could work from home and sustain business as usual. Some organisations allowed access to office environments from personal devices, with or without a standard VPN setup. In such scenarios, employee access is exposed to attacks from an unknown environment, such as threats on Wi-Fi networks. At the same time, organisations must evaluate the risk posed by increasing insider threats, data leakage and unmonitored access by remote users.

VPN-Based Access or Direct Access to Cloud Servers

In typical scenarios, many internal IT users require a specific operating environment to access their workstations. External users are given specific access to RDP or SSH sessions via VPN.

VPNs typically provide security by encrypting traffic, with some providers adding a basic device health check and a source country check. In a privileged access scenario, a user on a potentially unknown and possibly vulnerable machine ends up with high-privilege access to your environment. This also means that controls over data movement, identity checks and audit logging are limited.


The public cloud environment is susceptible to attacks where direct server access is granted to IT teams. While this is common for test environments, poor network configuration or misconfiguration could turn your network into a major breach hotspot.

Isolated Privileged Sessions for Remote Users

Isolating privileged sessions from the outside world, including your trusted remote users, is the ideal scenario when planning your privileged access strategy for remote users. Provisioning bastion hosts to secure your production environment wherever it sits (on-premises, public or private cloud) is recommended: it withstands attacks while still allowing access to critical applications and assets.

Managing bastion hosts such as Windows Terminal Servers often requires skills for specialized hardening parameters, network re-configuration, additional licensing and additional user access management (if managed outside your trusted Windows domain).
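Whether a bastion really isolates a session depends on what it lets that session carry. As an added example (not Sectona's code), the POSIX shell audit below flags the OpenSSH sshd_config settings on a bastion that would give a remote privileged session a data path or a pivot past the bastion; keyword names are OpenSSH's, the sample configs are constructed, and Match blocks are ignored.

```shell
# Added example, not Sectona's code: audit a bastion's OpenSSH sshd_config for settings
# that let a brokered privileged session carry data or pivot past the bastion (port,
# agent and socket forwarding, tunnels, X11). Assumes the plain "Keyword value" syntax
# and ignores Match blocks; the sample configs below are constructed, not real hosts.
# Each keyword must be an explicit "no" on an isolating bastion; an absent keyword is
# flagged too, since AllowTcpForwarding and AllowAgentForwarding default to yes.
BASTION_REQUIRED_NO="AllowTcpForwarding AllowAgentForwarding AllowStreamLocalForwarding PermitTunnel X11Forwarding"

# sshd_value <file> <keyword>: effective value, lower-cased. sshd honours the first
# occurrence, so stop at the first match; prints "unset" when the keyword is absent.
sshd_value() {
    awk -v key="$2" '
        /^[[:space:]]*#/ { next }                       # comment lines carry no setting
        NF >= 2 && tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# audit_bastion_sshd_config <file>: prints one "Keyword=value" line per weak setting;
# returns 0 when the file passes and 1 when anything was flagged.
audit_bastion_sshd_config() {
    weak=0
    for key in $BASTION_REQUIRED_NO; do
        val=$(sshd_value "$1" "$key")
        if [ "$val" != "no" ]; then
            echo "$key=$val"
            weak=1
        fi
    done
    return $weak
}

# Constructed sample: a bastion left with forwarding enabled (weak).
write_weak_config() {
    cat > "$1" <<'EOF'
PermitRootLogin no
# AllowTcpForwarding no    <- commented out, so the default (yes) applies
AllowAgentForwarding yes
PermitTunnel no
X11Forwarding yes
EOF
}

# Constructed sample: a bastion that only brokers the session and offers no data path.
write_isolated_config() {
    cat > "$1" <<'EOF'
PermitRootLogin no
AllowTcpForwarding no
AllowAgentForwarding no
AllowStreamLocalForwarding no
PermitTunnel no
X11Forwarding no
EOF
}
```

Run `audit_bastion_sshd_config /etc/ssh/sshd_config` on the bastion itself; a non-zero exit with the flagged keywords is the list of data paths the session still has.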

Sanitize Your Attack Surface with Sectona PAM’s True Session Isolation

Sectona Privileged Access Management is a quick-to-deploy solution with the option of software-defined proxies for RDP, SSH and web sessions. The solution comes with a pre-configured setup for allowing access using Windows Terminal Services.

Its technology seamlessly carries RDP, SSH and web sessions over TLS on port 443, so they traverse corporate firewalls easily. Combined with control over data movement and isolation of the user machine from the environment it connects to, this significantly reduces your attack surface.
