10 Best Practices for Managing Remote Access Risk


With over 70% of the global workforce (e.g. employees, contractors, and third-party vendors) working from home at least one day a week, and 53% working from home half the week , remote access management has become a greater challenge. . Below are 10 best practices for effectively managing the risks associated with remote access.

1. Enforce Remote Access Policies

The first step to effectively managing remote access risk begins with creating, communicating, and educating users about remote access policies that define senior management’s expectations for the use of all devices connected to the network. of the company. Additionally, the remote access policy must enforce the following control requirements to enable defense in depth.

2. Security of physical devices

All devices accessing the corporate network must be protected against theft by adequate physical security mechanisms that prevent the theft of such devices from your home, restaurant, local cafe, vehicle, etc. All devices should be secured in the trunk of your vehicle each time you leave. the device in the vehicle. Laptops and tablets can be easily stolen from your backyard, living room, or the front seat of your vehicle. Keep your home workspace as secure as you keep your normal office.

3. Restrict personal devices

Some organizations choose to restrict the use of personal devices to be connected to the work network, which certainly avoids some of the remote access risks presented by these personal devices. This can help reduce the amount of sensitive data exposed and it will make it easier to enforce security on the company-owned device.

4. Secure the home network

Cybercriminals seek to exploit default passwords on home routers because few people bother to change them, leaving their home network vulnerable. Changing your router’s password from the default to something unique is a simple step you can take to protect your home network from malicious actors who want to gain access to your devices. This is a good first step, but there are additional steps you can take. For example, you should ensure that firmware updates are installed as soon as possible so that known vulnerabilities are not exploitable.

5. Secure the working device

All devices connecting to the corporate network should require:

  • Multi-factor authentication to strengthen the authentication process when trying to log in to critical business process systems and transactions,
  • A virtual private network to encrypt data sent and received,
  • Powerful virus and malware protection software that automatically updates itself when needed
  • Prevent the loading of any unapproved software,
  • Apply automatic screen lock on business devices after 2 minutes of inactivity,
  • Enforce strong passwords and password change management,
  • Enable find my device and remote wipe in case the device is lost or stolen,
  • Restrict the use of non-company approved USB devices to copy data from one device to another
  • Limit the downloading of email attachments, as this is a common way of spreading viruses and malware.

6. Backup and Restore

Apply data backups and enable data recovery if the device is infected with ransomware.

7. Training

Invest in cybersecurity awareness training for employees, contractors, and third-party vendors.

8. Monitor

Invest in security software that can perform constant analysis of user behavior at the transaction level and data field to detect and report anomalies and threats.

9. Security model upgrade

Gartner’s #1 Imperative of the Continuous Adaptive Risk and Trust Assessment (CARTA) approach recommends replacing the old, static role-based access control security model with the enhanced role-based access control security model. Basic Attribute Access (ABAC) for your business applications to automate policy enforcement with adaptive. Access, transaction and data level controls enabled by contextual attributes that can restrict access to transactions and critical data by start and end time ranges, dates, regions, business units, whitelist of authorized users, input controls limiting maximum dollar amounts, processing controls limiting the number of transactions allowed per day, output controls limiting the export of data and reports, etc. With the ABAC security model, you can implement zero-trust security.

10. Continuous Risk Assessment

Gartner’s Imperative #2 of the CARTA approach recommends the continued implementation of discovery, monitoring, proactive risk assessment, and risk prioritization.


Comments are closed.