Some businesses need to allow access to their resources from outside the corporate network. Allowing this kind of remote access exposes your organization to additional risk, so the access should be handled as securely as possible by:
- Ensuring the remote access is encrypted (SSL, IPSec, etc.)
- Ensuring there is strong authentication for remote access (2FA)
- Ensuring that strong passwords are required for remote access
Examples of remote access:
- Remote Desktop Protocol (Never expose directly to the Internet)
- RDWeb (remote desktop over web)
- SSL VPN
- IPSec VPN
Limit and review authorization scope:
- Do not allow widely scoped authorization for remote access. Be sure to limit authorization/access to what a business need requires.
- Review authorizations for remote access regularly to ensure that no unwanted personnel have access.
Remote access protocols (especially Remote Desktop Protocol, or RDP) pose a great risk to organizations of all sizes. Do not leave these capabilities active unless they are required. Further, you should never leave RDP exposed to the Internet.
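One way to check the "never expose RDP" rule against an exported list of inbound firewall rules, as an added example that is not Coalition's own code. The rule format, field names, sample rules and the set of internal ranges are assumptions made for illustration, and rule ordering or precedence is not modeled.

```python
import ipaddress

RDP_PORT = 3389
# Internal ranges assumed for this example: RFC 1918 plus IPv6 unique local.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]

# Constructed sample rules in a hypothetical export format (not a vendor schema).
SAMPLE_RULES = [
    {"name": "vpn-gateway", "action": "allow", "proto": "udp", "ports": "500,4500", "source": "any"},
    {"name": "rdp-from-vpn-pool", "action": "allow", "proto": "tcp", "ports": "3389", "source": "10.8.0.0/24"},
    {"name": "legacy-admin", "action": "allow", "proto": "tcp", "ports": "3380-3400", "source": "0.0.0.0/0"},
    {"name": "rdp-vendor", "action": "allow", "proto": "any", "ports": "3389", "source": "203.0.113.0/24"},
    {"name": "block-rdp", "action": "deny", "proto": "tcp", "ports": "3389", "source": "any"},
]

def covers_port(spec, port):
    """True if a port spec such as '443', '3380-3400', '80,3389' or 'any' includes port."""
    if spec.strip().lower() == "any":
        return True
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        if int(lo) <= port <= int(hi or lo):  # a single port is a range of one
            return True
    return False

def is_external(source):
    """True unless the source network lies entirely inside an INTERNAL range."""
    net = ipaddress.ip_network("0.0.0.0/0" if source.lower() == "any" else source,
                               strict=False)
    return not any(net.version == i.version and net.subnet_of(i) for i in INTERNAL)

def find_exposed_rdp(rules):
    """Names of allow rules that admit RDP traffic from outside the internal ranges."""
    return [r["name"] for r in rules
            if r["action"].lower() == "allow"
            and r["proto"].lower() in ("tcp", "udp", "any")
            and covers_port(r["ports"], RDP_PORT)
            and is_external(r["source"])]

if __name__ == "__main__":
    for name in find_exposed_rdp(SAMPLE_RULES):
        print(f"REVIEW: rule '{name}' allows RDP ({RDP_PORT}) from outside internal ranges")
```

The port-range rule (`legacy-admin`) is the case that is easy to miss in a manual review: it never names 3389 but still covers it.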
As always, Coalition is here to help you on your way. Please reach out to us for additional information!