We’re into some interesting times… Teleworking or remote access to our corporate network and data infrastructure is ever becoming more frequent and common. The trend is that this will continue well into the future as it presents many advantages for both companies and employees. We could think of cost reduction, flexible work hours, family reconciliation, etc. If we get more utopian, we could help lessen pollution and reduce environmental contamination because of less travels.

Today, I would like to comment some recommendations to carry out these remote task safely without focusing on the tools or solutions available on the market for such purpose, but on how we can secure connections of, first, administrators of communication systems that login remotely, and second, how to apply the same measures for our users’ connections in order to reduce the surface of attacks whenever possible and mitigate threats as much as we can.

Administrators of communication systems (firewalls, routing, core switching, etc.) should take into account the following as much as possible:

  • Do not use ‘root’ or ‘admin’ accounts, but create profiles with appropriate privileges
  • Always disable access services for tipo https ’and‘ ssh ’management from the Internet (WAN)
  • Limit access to devices through whitelisting
  • Exclusively manage communication systems through secure connections (SSL, IPsec or some trusted Cloud system)
  • Enable complex passwords for these accounts
  • Use 2FA or OTP (double factor authentication systems)
  • Do not reuse or use credentials for all systems

I would add to what was mentioned above that users’ connections should be made through SSL, IPSec, or HTML5, limiting their access to resources specifically designed for them and using SSO (single-sign-on) when posible.

Last but not least, always keep firmware and patterns of security and communication systems up to date, and never openly publish RDP services (note taht changing the port from 3389 to 3398 is nothing but a false sense of security).

In these times, every change is challenging and cybersecurity is like a moving target that we have to deal with through frequent changes. That is why it is necessary not to let your guard down so as not to make it easy for cyber criminals.

 

To keep up with cyber-security issues, news highlights, and other stuff, join me on Twitter.

Wajdi A. Ayach

Author Wajdi A. Ayach

Changes are challenging, and cybersecurity is like a moving target that we have to mitigate through continuous adjustments.

More posts by Wajdi A. Ayach

Copyright 2017, TresW