Secure remote access checklist

It’s imperative to ensure your organization’s remote access to systems and data is secured now more than ever. Cyberattacks continue to rise while regulators and insurance adjusters crack down on organizations with weak remote security.

To help you keep all your bases covered, we’ve fashioned a checklist to follow as you harden your remote access policies and infrastructure.

Basic remote security hygiene

If you don’t already have them in place, these techniques are musts for securing remote access.

• Implement security awareness training: It is critical for everyone on your team, especially remote workers, to understand the role they play in keeping the organization secure. Hold regular trainings to instruct, test, and reinforce common security best practices organization-wide.
• Leverage password managers: Ensure strong, complex passwords and avoid reuse by employing a password manager or vault for employees. Then, they only need to remember one strong master password to lock down their vault and can generate powerful ones for their other apps and services.
• Enforce multi-factor authentication (MFA) everywhere: Username and passwords aren’t strong enough to keep bad actors out. Adding MFA wherever possible creates difficulty for attackers, keeping them out of endpoints and sensitive systems. Biometrics and other technologies like endpoint proximity sensing further prevent account takeovers and lock down machines when users are away.
• Standardize device imaging and group policies: Streamline remote deployments through upfront configurations in your RMM and MDM solutions. By changing default passwords on endpoints and other hardware as well as changing the default SNMP community string, you can further improve the overall network security posturing. Establishing and enforcing group policies ensures consistency and security at scale.
• Patch management and system hardening: Unpatched systems are an attacker’s best friend, especially in the realm of remote access. Be sure all apps and operating systems are up-to-date and remain informed on new zero-days so you can address them before they can be exploited. Review your hardware and software and eliminate any sunset or otherwise unsupported technologies.

Strengthening access security

With the basics locked down, it’s time to hone in on remote access systems and find opportunities to improve your approach.

• Prioritize conditional access wherever possible: With remote work, implementing conditional access helps to prevent unauthorized users from touching your critical systems. For many organizations, conditional access goes beyond using native capabilities within Microsoft 365. Using single sign-on (SSO) with MFA, identify and isolate solutions like IT Glue, Slack, HubSpot, etc. that allow for conditional access to improve your security posture.
• Review your remote access methods: Whether you’re using RDP, VPN, or any combination of protocols, examine your network layout keenly. You may have previously created holes in your RDP or firewalls to allow for contractor access or something similar. Take the time to identify and seal up those gaps in coverage, such as public ports or legacy configurations. This includes reviewing your firewall rules and policies: if you can’t explain what each rule does, that is a problem. Don’t forget your PBX/VoiP/core switching solutions in this review as well; attackers will exploit any opening they can find.
• Do your vendor due diligence: Review your technology stack and how they interact/integrate across your environment. Double-check which vendors/solutions have access to what information. By default, they may pull more data than is required to operate, so reduce your attack vectors by limiting access on the technology side as well.
• Gain comprehensive visibility: Integrate your full technology stack from endpoints to network infrastructure into an observability solution like SIEM. You need to be able to see what’s happening across your environment in a moment’s notice. Consider implementing monitoring tools to help feed your SIEM and give insights into employee activity and productivity.

Creating an adaptive remote access approach

Having tackled these steps so far, it’s time to mature your remote access methods to stay ahead of new and emerging threats. These techniques will also improve your ability to respond to active threats while also improving end user experience.

• ‍Embrace digital transformation: The cloud is not only critical to enabling remote work; it helps create abstraction and reduce costs. For example, a big uplift in security is moving workloads to cloud servers, using endpoints as terminals. Also, consider obfuscating your network as well through a solution like SASE to streamline network access while rendering your traffic invisible to external actors.
• Implement backups and disaster recovery: Disruptions due to cyberattacks, outages, or other uncontrollable factors are bound to happen, so it’s best to prepare for the worst, always. Routinely backup critical data and implement incident and disaster response processes to ensure consistency and effectiveness. Something as small as temperature and moisture sensors in your server rooms can help you avoid downtime and maintain velocity.
• Scan your network: Leverage a trusted third-party to scan your network for vulnerabilities both from outside of and within the organization. Using a third-party tool or analyst to do so ensures that you get a second set of eyes to catch anything you may have missed throughout the process. Routinely holding these scans and penetration tests ensures that your network remains harden as you grow and scale.
• Iterate, iterate, iterate: Security, especially in remote access, is never a done deal. As technologies and attack vectors evolve, so must your approach to securing them. Keep current with emerging threat intelligence and seek the best technologies to streamline and secure your remote operations.

Need help maturing your cybersecurity operations and remote access? Read our eBook based on NIST’s Cybersecurity Framework to find more opportunities to improve your approach.

‍