Threats to remote connections
Mobile devices simplified the communication within the company and made the work approach more flexible – but the increased use of tjose devices leads to higher risks for the network. To be prepared a continuous monitoring of the infrastructure and regular software-updates are necessary. Due to the constant change of technology flaws and faults emerge, which can be exploited.
Many companies use VPN as a supposed secure remote connection. They are an extension of the company network and sensitive data is transported via public networks. The connected clients are seldom secured as tightly as servers, so they form the first weak point. In addition, if employees receive more and special rights like SuperUser or Administrator and If they are given without any further protection, hacker can use the badly secured client to gain access to the company network via VPN. After that they can give themselves more access rights and have unlimited access to sensitive data. Exactly that happened to Heartland Payment Systems in 2008.
Another problem can be the management of accesses. If employees, who have left the company, still have their remote accesses, they can use them to harm the company. Especially companies with a high fluctuation quote, like in the retail industry, face that problem.
Furthermore, the improper disposal of hardware can cause serious damage. There was one case, when a second-hand VPN-Gateway token still contained the access data to the internal data of the former owner.
Remote access infrastructures have to meet complex security requirements. The legislative authority demands strict controls and monitoring of the actions. From the company-side an easy administration, platform independent use and a fast data transfer should still be granted.
VISULOX supports you here as a solution for the centralized management of remote accesses of internal and external privileged users to the IT-Infrastructure. With that security-solution accesses to the infrastructure can be saved, a two factor authentication can be implemented, or access accounts can be provided with different roles to simplify the actions installing, changing, and deleting and to reduce mistakes. Access to sensitive areas can be recorded via session recording and secured on a revision server, to be able to retrace actions if problems occur. The data transfer takes place in an inspection zone including a content control, so data cannot be infected with malware from the outside. Everything happens in accordance to legal requirements and guidelines for information security and data protection.
In short: with VISULOX you can control, limit, monitor, and document the accesses to your data and resources centrally, automatically and down to user level. All rules and requirements of the Privacy Act and information security are adhered.
Additionally you can see our article “Which factors are important for an efficient remote access management”
If you have any questions please do not hesitate to contact us!