This is the fourth in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on secure remote access.
Secure Remote Access
Secure Remote Access is the ability to connect to company resources from anywhere in a manner that does not compromise security. This can be done by several means including remote access software, Virtual Private Network (VPN), or File Sync & Share (FSS). Here are some questions that you should be asking yourself:
Does anyone in your organization work from home or remotely?
How are they remotely connecting to the office?
Are you able to revoke access to the office if they leave the company?
If that connection is a modern VPN, what type of security does it use?
Is your VPN based on passwords or certificates?
Does the VPN log usage statistics?
If that connection is a remote access software, what type of security does it use?
Does the software limit who has access to which resource?
Does the software log who is logging in and for how long?
If that connection is via FSS, what type of security does it use?
Does your FSS have file versioning, backups, and ransomware protection?
Does the FSS limit who has access to which resource?
Do you use 2FA as part of your remote access?
Take time to think about these questions and decide where changes can be made to better protect your IT investments, or contact us to do the thinking for you.