While many organizations
already have telecommute policies and solutions in place, they are most
commonly for either fully-remote workers or for employees who typically work in
the office but need flexibility for unusual situations. The current environment
most companies now face may put their remote workplace capabilities to the
test.This is most pronounced when
considering security controls, cyber-hygiene, and reducing risk exposure that a
more remote workforce creates. Are organizations prepared for such a
distributed workforce and the potential risks that come with it?
When it comes to IT
administration teams, outsourced IT, and third-party vendors who might have
privileged access to systems and infrastructure, they need secure, granular
access to critical infrastructure resources regardless of location and without
the hassles of a virtual private network (VPN). Ideally, how privileged users
access these systems shouldn’t be different, regardless of whether they are in
an on-premise data center or accessing remotely. Ditch the VPNLast year it was reported
that Citrix was breached through a password spraying attack that also sought to
leverage VPN access. ARS Technica also reported last year that energy companies have specifically become targets of attacks that
use password spraying and VPN hacking.Unlike a VPN that generally
gives users visibility to the entire network, organizations should only grant
access to resources on a per-resource basis. This gives privileged internal IT
admins access to only as much infrastructure as necessary, while limiting
access by an outsourced team to only the servers and network hardware their role
requires.Privileged users should
authenticate through Active Directory, LDAP, or whatever the authoritative
identity store is, or grant granular, federated privileged access to resources
for business partners and third-party vendors.Guard against cyber-attacks
by combining risk-level with role-based access controls, user context and MFA
to enable intelligent, automated and real-time decisions for granting
privileged access to users who are remotely accessing servers, on password
checkout or when using a shared account to log into remote systems.Secure Privileged Access
for On-Site and Remote AdministrationHere are six ways any
organization can create consistency in their privileged access management (PAM)
approaches to secure remote access to data center and cloud-based
infrastructures through a cloud-based service or on-premises deployment.
Grant IT administrators secure,
context-aware access to a controlled set of servers, network devices and
Infrastructure-as-a-Service (IaaS).
Enable outsourced IT without the
need of including administrators in Active Directory.
Control access to specific data
center and cloud-based resources without the increased risk of providing full
VPN access.
Secure all administrative access
with risk-aware, multi-factor authentication (MFA).
Single secure access point for
administrators to manage infrastructure using shared accounts or their own
Active Directory account.
Enable secure remote access to data
center and cloud-based infrastructures for internal users, third party vendors
and outsourced IT through a cloud service or on-premises deployment.
Nate Yocom is Chief Technology Officer at Centrify
There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]
It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news