Challenge #5 – Making Remote Working Secure

5th Remote Challenge - Risk and Governance

At ST-FOUR we have embraced remote working since 2015, so we know a bit about it! In previous posts, I talked about how you can give remote users access to the services they need and about tools that allow IT Admins to centrally manage users wherever they are. In this post I want to talk about how all that good work is for nothing if you have left gaping security holes in your systems access that will allow ne’er-do-wells to take your precious data.

This is the crucial next step that people are going to have to embrace. Right now, logging in and working is relatively straightforward for most people, even if the systems and the way we work are not quite the same. But if we are going to prevent our Intellectual Property, the lifeblood of our organisations, from being stolen, there will be a need to increase the security of remote access to systems.

PEN Testing, where a security firm scans your systems for vulnerabilities, usually for a hefty fee, is the de facto standard for ensuring systems are secure. However, these tests usually create a lot of post-scan security patching, and often systems can’t be patched and have to remain insecure. So how do you overcome these issues?

Secure Application Portals can be used for more than centralising access to a user’s onsite and cloud web services; they also provide inherent security by acting as a secure interface between the user and on-premises web services. IT Admins will still need to patch internal systems; however, with a Secure Application Portal in place, PEN Testers as well as unethical hackers will only see A+ ratings on your web scans, allowing you to patch to a more manageable schedule.

Multi-Factor Authentication (MFA) is what 2FA (Two Factor Authentication) has progressed into: one, two, or several authentication steps to access your systems. MFA can be applied to your Secure Application Portal, VPN, Cloud Services, Windows & Mac OSX Logins, Mobile Device Access and more, and indeed you should be considering using MFA for all these uses; however, at ST-FOUR we advise you to work smarter. There is nothing worse for an IT User than to have layers of hoops to jump through before they can access their IT systems and get to work. We can help you join up your IT systems so that IT Users need only log in with a Single Sign-On with MFA to access all other systems securely and easily.

Risk-Based Access (RBA) enables IT Admins to apply different levels of security to different systems. For example, if you want to access your company website from the office, you don’t expect to have to jump through tough security hoops. But what about accessing your Accounts system from home or even abroad? If your organisation is happy for this to happen, it does make sense to apply a higher level of security before granting access.

The other side of RBA is the use of other factors in deciding whether to allow access to a system, for example: what time of day is it, what device is asking for access, what country is the user in, and is the user in a Geo-Fenced location? These factors can be extremely effective in boosting security. For example, if a user is accessing your Accounts system from the office while simultaneously accessing the same system with the same user account from a shared hotel computer located where they were on holiday last week, then something is definitely wrong!
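The Risk-Based Access decision described above, sketched as an added example (not code from ST-FOUR or from any RBA product): it scores a request on system sensitivity, network, country, device and time of day, and refuses the office-plus-hotel case outright. The class and function names, the weights, the thresholds, the 15-minute window and the use of country as a stand-in for a geo-fence are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed policy values for illustration; tune to your own organisation.
SENSITIVITY = {"website": 0, "accounts": 2}   # unknown systems are treated as sensitive
HOME_COUNTRY, WORK_HOURS = "GB", range(7, 20)
WINDOW = timedelta(minutes=15)                # "simultaneous" means within this window

@dataclass(frozen=True)
class Access:
    user: str
    system: str
    network: str          # "office", "home" or "public"
    country: str
    managed_device: bool
    when: datetime

def concurrent_elsewhere(req, recent):
    """Same account on the same system from a different place inside WINDOW."""
    return any(r.user == req.user and r.system == req.system
               and (r.network, r.country) != (req.network, req.country)
               and abs(req.when - r.when) <= WINDOW
               for r in recent)

def decide(req, recent=()):
    """Return 'allow', 'mfa' (step-up) or 'deny' for one access request."""
    if concurrent_elsewhere(req, recent):
        return "deny"                         # office + hotel at once: block and alert
    score = SENSITIVITY.get(req.system, 2)
    score += 1 if req.network != "office" else 0
    score += 2 if req.country != HOME_COUNTRY else 0
    score += 2 if not req.managed_device else 0
    score += 1 if req.when.hour not in WORK_HOURS else 0
    return "allow" if score <= 1 else "mfa" if score <= 5 else "deny"

def demo():
    """Constructed sample requests, not real log data."""
    t = datetime(2024, 3, 4, 10, 0)
    hotel = Access("alice", "accounts", "public", "ES", False, t - timedelta(minutes=5))
    return [
        decide(Access("alice", "website", "office", "GB", True, t)),
        decide(Access("alice", "accounts", "home", "GB", True, t)),
        decide(Access("alice", "accounts", "public", "ES", False, t.replace(hour=23))),
        decide(Access("alice", "accounts", "office", "GB", True, t), recent=[hotel]),
    ]

if __name__ == "__main__":
    print(demo())
```

The last sample request would only need step-up MFA on its own; it is the overlapping hotel session for the same account that turns it into a deny.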

Identity Management (IDM/IDA) is often an afterthought; however, reducing the proliferation of different user accounts, passwords and authentication methods is crucial in improving security (notably by users no longer having to write down all those security credentials on their desk pad because they can’t remember them). IDM also improves business efficiency by automating user account creation, deletion, group membership and systems access rights across multiple disparate systems (bringing true zero-day start, zero-day finish to your organisation), reducing IT Admin costs and improving productivity.

Privileged Management (PAM/PUM/PIM/PM), while not directly linked with remote working, is having a massive impact on improving the security of organisations’ IT systems. The basic concept is that you stop users (especially IT Admins) logging in with Admin accounts; instead they log in as basic users and “elevate” to users with Admin privileges only as and when they need to do Admin work. This, coupled with the ability to define exactly what Admin privileges a user should have and the ability to completely audit (even video) Admin activity, allows organisations to grant all users Admin access to only the systems and services they need and to have a record of changes made.

ST-FOUR have worked with this software for years and can help you define what level of security your organisation needs, how it should be implemented, work with you to install it and train your staff so that you can get the most value from your investments.
