DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Partner Zones AWS Cloud
by AWS Developer Relations
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Partner Zones
AWS Cloud
by AWS Developer Relations
Building Scalable Real-Time Apps with AstraDB and Vaadin
Register Now

Trending

  • Essential Architecture Framework: In the World of Overengineering, Being Essential Is the Answer
  • Design Patterns for Microservices: Ambassador, Anti-Corruption Layer, and Backends for Frontends
  • Managing Data Residency, the Demo
  • Micro Frontends on Monorepo With Remote State Management

Trending

  • Essential Architecture Framework: In the World of Overengineering, Being Essential Is the Answer
  • Design Patterns for Microservices: Ambassador, Anti-Corruption Layer, and Backends for Frontends
  • Managing Data Residency, the Demo
  • Micro Frontends on Monorepo With Remote State Management
  1. DZone
  2. Software Design and Architecture
  3. Security
  4. How to Maintain Secure Network Access When Employees Work Remotely

How to Maintain Secure Network Access When Employees Work Remotely

This post reviews remote work security tips you should incorporate to ensure your company’s safety.

Eddie Segal user avatar by
Eddie Segal
CORE ·
Updated Sep. 02, 20 · Tutorial
Like (3)
Save
Tweet
Share
2.97K Views

Join the DZone community and get the full member experience.

Join For Free

According to a recent survey, 51% of employees in Americans have transitioned to working remotely due to the COVID-19 pandemic. The sudden change to the remote workforce has left many companies struggling to establish security protocols and policies. Businesses are transitioning toward long-term remote work arrangements, demanding advanced safeguards against data breaches and cyber-attacks.

Businesses need to take measures to secure their employees’ remote access. This post reviews remote work security tips you should incorporate to ensure your company’s safety.

What Is Secure Remote Access?

Secure remote access refers to any security solution, process, strategy or policy that prevents unauthorized access to network resources, or any sensitive or confidential data. Secure remote access is a critical part of any healthy application stack. It usually combines several security strategies and not one specific technology like a Virtual Private Network (VPN). 

Secure remote access solutions work with network elements like a Domain Name System (DNS) and Transport Layer Security (TLS) to ensure continuous security and performance of your applications.

Why Is Secure Remote Access Important?

In light of the shift to remote work, employees are using a large number of endpoints to access corporate networks from various locations. Home networks are usually the preferred originating point for network connections. Home networks are more vulnerable to security threats than corporate networks, leading to multiple risks on both home and corporate networks. 

That’s why organizations must replace traditional security measures with solutions that support secure and safe access from any device, and from any location.

What Technologies are Used for Secure Remote Access?

There are several types of secure remote access technologies, including, but not limited to:

  • VPN — Is a service that uses authentication and encryption methods to establish a secure connection to another network over the public Internet. A VPN connection can either be remote or site to site. In a remote connection, individual users connect to a private network through the Internet. In a site to site connection, entire networks are connected to each other over the Internet. 

  • Zero trust network access — A security method that doesn't automatically trust actors operating from within the security perimeter. Rather, you need to verify everyone trying to connect your network before granting access. 

  • Network Access Control (NAC) — A security solution designed to protect the entire perimeter of an organization’s network. This includes both the physical infrastructure and any cloud-based systems. NAC systems are usually proactive, meaning they can block threats before they penetrate the network. NAC controls access to a network through a combination of endpoint security, authentication, and network security policies.

  • Endpoint security — A security strategy designed to protect your endpoints and network perimeter. An endpoint is any device that connects your network to a wider network, like the public Internet. For instance, smartphones, laptops, servers, workstations, or Internet of things (IoT) sensors, are all endpoints connected to networks.

  • Single sign-on (SSO) — Is a user authentication approach that enables users to authenticate to and access different resources with one set of login credentials.

  • Privileged Access Management (PAM) — Is a set of strategies and technologies for managing, securing, and access monitoring of an enterprise’s data from privileged accounts.

  • Software-Defined Perimeter (SDP) — Creates a virtual boundary around Internet-connected infrastructure like routers and servers. The boundary is created at the network layer, not the application layer. As a result, external parties cannot access the network, whether it is hosted in the cloud or on-premises.

How to Maintain Secure Network Access When Working Remotely

Organizations need to establish processes to prevent vulnerabilities like malware attacks, phishing scams, and DDoS attacks. Below, you’ll find an overview of seven remote work vulnerabilities, and tips you can use to prevent them.

Malware

Attackers are using the Coronavirus pandemic to generate massive amounts of malware spam, and phishing emails to increase their chances of infecting targets. Coronavirus-themed malware campaigns are harvesting credentials, installing keyloggers, and locking down systems with ransomware. This is especially a big risk at health care organizations since the global medical emergency continues.

Tips for defending against malware:

  • Don’t use accounts with elevated privileges — For everyday tasks.

  • Secure all endpoints — With Endpoint Detection and Response (EDR) solutions.

  • Implement network segmentation — Home network devices are usually not fully patched. Therefore, you need to segment your networks and keep home networks segregated.

  • Use security analytics — Intelligence-driven threat hunting to identify sophisticated attacks.

  • Implement zero-trust security — Organizations should not automatically trust anything inside or outside its perimeters at any time.

Phishing

Phishing attacks are based on disguised emails as a weapon. The goal is to trick the email recipient into clicking a malicious link or downloading malware. When recipients click on the malicious link, hackers can steal their credentials, or penetrate their network. 

Hackers exploit the fears and uncertainty surrounding the Coronavirus crisis to execute multiple phishing attacks. Therefore, lack of awareness and continuous cyber training programs increases the risk of malicious content landing in an organization’s environment.

Tips for defending against phishing attacks:

  • Enforce mandatory security training and awareness programs — To ensure employee readiness across all remote locations. You can do it with short videos describing the guidelines followed by a few questions.

  • Protect your passwords — For all-conference meetings and avoid sharing links to meetings on social media.

  • Don’t fall for URLs professing or fake apps — On video conferencing software

DDoS Attacks

Distributed Denial-of-Service (DDoS) attack is a malicious attempt to make a targeted service, server, or network unavailable by overwhelming the target with a flood of Internet traffic. DDoS attacks can substantially damage the performance and availability of a website, server, or VPN services.

The damage can be even more significant when an entire workforce relies on remote access to corporate network resources. DDoS attacks often create confusion, they distract and misdirect resource-deprived organizations, and enable hackers to steal sensitive data. 

Tips for defending against DDoS attacks:

  • Resilient network architecture — Ensures business continuity and protection from any type of outage or disaster situation.

  • Deploy appropriate hardware — That can handle known types of attacks and protect network resources.

  • Scale up network bandwidth — To be able to handle a large volume of traffic if necessary.

Remote Access Hacks

Remote desktop products and enterprise VPNs use authentication and encryption technology to ensure secure connectivity. However, cybercriminals are taking advantage of the increased number of remote workers to actively hunt for vulnerable connections of remote access technology.  

Tips for defending against remote access hacks:

  • Update VPNs — Network infrastructure with the latest software patches and security configurations.

  • Multi-Factor Authentication (MFA) — Implement MFA on all VPN connections or require workers to use strong passwords.

  • Test VPN limitations to prepare for mass usage — Implement modifications like rate limiting to prioritize users that will require higher bandwidths.

Conclusion

In a globally decentralized business landscape, hackers will continually present a risk to network security. With this danger in mind, organizations need to take preventative actions in securing remote network access for their employees or face the consequences.

Organizations need to make sure they are capable of preventing potential attacks and data breaches by using network monitoring solutions like Zabbix, using zero-trust applications like Perimeter 81, and enforcing privileged access management.

Network security workplace vpn

Opinions expressed by DZone contributors are their own.

Trending

  • Essential Architecture Framework: In the World of Overengineering, Being Essential Is the Answer
  • Design Patterns for Microservices: Ambassador, Anti-Corruption Layer, and Backends for Frontends
  • Managing Data Residency, the Demo
  • Micro Frontends on Monorepo With Remote State Management

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com

Let's be friends: