Remote management is becoming a point of focus for large organizations with disparate networks to manage. The operation of these networks is essential to company success, yet IT staff may be limited in their ability to be physically on-site whenever a problem occurs. If that problem includes a security breach, there is no time to wait for arrival as action has to happen immediately. Fortunately, they can put out of band management practices in place.
A recent Channel Web report highlighted the growing risk of malware attacks in the corporate world. According to the post, Backoff has resurfaced, sparking a range of new and updated malware attacks that target traditional PCs and laptops and points them to a new version of Citadel. Previous attacks have included point-of-sale terminals. In each of these attacks, unsecure remote access technologies were in place to gain access to the systems.
Such a practice gives negative attention to remote access technologies. For many IT professionals and even third-party vendors, remote access is vital to their job performance. These individuals or companies have to have access to the internal system, yet remote access tools have to meet client security policies and enable agents to stay within their SLAs.
These policies have to address everyone with access to the network, from employees to external vendors. Best practices point to the details involved in these policies and the consequences associated with a failure to follow. Service providers have to be held accountable, just like employees, if the network is to be protected. Likewise, access through remote points should be limited to those who will actually work on the system or supported devices, and login policies should support those roles.
Likewise, account lockout settings and two-factor authentication should be in place to offer extra protection for automated attacks. Unsanctioned technologies used for remote access should be blocked. For instance, IT staff members shouldn’t be allowed to use just any device they have handy to check into the network issue. It must be a device that is approved ahead of time. At the same time, the same employees should not be sharing login details to save on licensing as it makes it impossible for the team to identify the culprit if a problem related to remote access should arise.
Accountability must also be in place. If an IT staff member uses another team member’s device or login information, that action should be addressed with consequences. It may seem like immediate attention is more important than the action, but this kind of laziness when it comes to remote access is exactly what leaves the door open for attacks.
Implementing best practices when it comes to remote access is a concept often promoted by out of band management solution provider, Opengear (News - Alert). It is only through such practices that you can be sure your network is protected.
Edited by Rory J. Thompson