Among security practitioners and leaders globally there is a common conversation happening. “Is now the time to rework our infrastructure and practices to be more secure, in the middle of all this uncertainty? Do we react, and just make it work? Or do we consider the threats we are knowingly introducing and accept that risk? And how do we do this during a pandemic?”
Honestly, those are very fair questions to ask. But that conversation has to happen and it has to happen now. Let’s explore why now, right now, is the time for a transition to secure remote access to begin and dive into the opportunities that we are presented with by this crisis.
Chaos because of the pandemic
Thanks to an unseen adversary, a microscopic enemy, the month of April was one of the most tumultuous in modern history. In less than 30 days the world’s previously well-understood and well-defined enterprise architectures had no choice but to abandon their somewhat secure enclaves and open the network gates to their employees to enable a work-from-home model.
Secure remote access challenges in all verticals around the globe
For almost every business in every vertical, the majority of their workforce was effectively shoved out of the door, told to power on whatever machine they had at home, regardless of its security posture, and find some way to access the company infrastructure at all costs.
With reckless abandon and in a compressed time frame, 30 years of enterprise perimeters were shredded as tens of thousands of holes were ‘poked’ into them. Each and every new access, laptop, PC, VPN, user, account, and home network is a new potential compromise point for these infrastructures. There has been literally no other option than to allow users with those uncontrolled and insecure assets to connect into the enterprise, because if that did not occur, the company, and potentially the economy, would collapse under its own weight.
Insecure and old technology to enable remote access
And how have enterprises handled all of this transition? By strategically and thoughtfully maneuvering users and assets into secure, long-term, programmatic future-state solution sets? No. Most have simply fired up more VPNs (which are known to be insecure) and used RDP as the main protocol and means of access to ‘manage’ those rogue assets, which of course further complicates the security issues around the transition.
Already, cybersecurity firms and researchers are noting that the number of brute-force attacks targeting RDP endpoints has risen sharply since the onset of the coronavirus (COVID-19) pandemic.
Virtual private network (VPN) & security risks
Virtual private networks have been around for a long time, and stem from an age when cybersecurity concerns were different. They come with multiple flaws on various levels, such as security, user experience and management. Be aware that unprotected VPN access to your network is a serious threat to your organization because of several vulnerabilities.
If your users, for example, unknowingly fall victim to phishing attacks and download malicious software onto their devices, this can have severe consequences for your company. It is then easy for hackers to gain access to corporate resources and get their hands on sensitive information. Don’t assume that ransomware attacks cannot happen to your business or educational institution; be prepared.
Attacks on RDP increasing
According to one report, RDP brute-force attacks increased last month by 41%. Even more telling, researchers have found an increase in the sales of stolen RDP credentials on so-called “RDP shops.” Those credentials will be used by other gangs and hackers to help them access a company’s network, and potentially install ransomware on company assets.
Those ransomware attacks have been on the rise because most companies have adapted to this crisis through some form of direct access. This creates a risk of cyber attacks and threats: if a device is infected with malware, the attacker now has a direct way via that computer into the organization’s system.
While naked RDP may be the simplest method, it is also the least secure remote access method. This is problematic for a few reasons:
First, those protocols are essentially exposed to the internet and are a ripe target for brute-forcing and credential spraying; ultimately, some of those credentials will be used by attackers as part of a spear-phishing campaign to steal data.
Second, those remote services likely allow unmanaged (mobile) devices direct access inside the corporate networks, and because of the way the unmanaged systems work, they provide little visibility into the new hosts that are connecting to these services.
Finally, those assets are home devices and are unmanaged, meaning that they likely have no patch management, out-of-date anti-virus, excessive privileges, administrative controls, and operable external device connectivity. A recipe for disaster, and for the cyber attacks that follow, is brewing.
Unfortunately, this is how things ‘have’ to be for now. You must react and you must respond to keep the business alive. That requires organizations to make things work and accept those risks, but it shouldn’t be that way for long. It can’t be that way. This won’t be just a blip in time either; it is indicative of what is to come. And this virus will continue to have an impact on your enterprise even as things “normalize”.
Employees are already saying they are more worried about working in an office, 49% as opposed to 21%, as this has played out. It’s likely those employees won’t rush back to the company network for a variety of reasons. If that’s the reality, then it’s even clearer that you now have an opportunity to change the way you approach this problem and move progressively towards a more secure, but more remote, future.
Awingu enables the change needed for secure remote access
Awingu sees the change that is coming. We have built our solution to align with and enable that future, but we have built it differently from those other outdated approaches.
We see the value of the strategy that is helping enable the future state of enterprises, and we make it possible by keeping the user off the active internet and protected inside a secure container. By doing this we can help easily enforce tenets of Zero Trust like password management, patch management, using remote workspace solutions, browser isolation, and a host of other secure remote workforce solutions all at once.
Many organizations have already started implementing Awingu for remote work or digital transformation. They are using the built-in security capabilities like context awareness, granular usage control, MFA, session recording, … to let employees work on their own devices, even mobile devices, simply and securely. Meanwhile they can control what happens with the data and even have access to anomaly detection and a dashboard of everything that users do. Using a unified workspace like Awingu brings benefits for users and admins.
Example: BlackBerry Digital Workplace
Let’s have a look at how Awingu & BlackBerry created the ‘BlackBerry Digital Workplace’: a BlackBerry bundle that contains Cylance Protect, BlackBerry Desktop, and Awingu for a very attractive price.
This secure remote access bundle provides secure and controlled access to VDIs, remote desktops, Server Based Computing, intranets, file servers, … inside a managed container (BlackBerry Desktop). The container happens to be a Chromium-based browser that is optimized to run Awingu.
The bundle also pushes Cylance Protect – a next-generation ML-based malware protection solution – to the local device. When Cylance Protect is not running on the device, no access to the container (BlackBerry Desktop) is possible, and as such no access into Awingu either. This is perfect for rolling out Bring Your Own Laptop or for giving contractors (and B2B customers) secure access to your business resources (applications, desktops, files).
Chief Sales & Marketing Officer