Enemies within
Various strategies are needed to prevent a breach of perimeter security by remote workers, Ritchie Jeune says
Investment in perimeter security means nothing if the enemy is inside the gates, and end-point security is a vital but often overlooked part of the puzzle.
A single unlocked workstation or an insufficiently secured mobile worker is all it takes for network security to be compromised.
As the use of wireless increases so does the number of threats levelled at the operating platform, and the open nature of wireless network traffic makes it a prime target for hackers.
Organisations allowing remote workers to connect to corporate networks need to watch where people are connected to the network.
If the machine involved is a home or internet cafe PC, much is outside the company security team’s control.
Staff in many organisations tend to be their own worst enemy when it comes to remote security.
Wireless hotspots can and do provide a jump-in point for hackers. Users of the same hotspot are on the same logical network so viruses can be spread and hackers can simply scan and probe other users.
Corporate laptops are still used in public places, regardless of the potential dangers of wireless hotspots and the amount of confidential information that could be on show.
Notebooks also get left regularly on trains, stolen from the back seats of cars and corrupted by other users.
And we all know that if an external PC has been compromised, once the user has connected to the corporate LAN a hacker can have full access to the network.
SSL VPNs are generally considered the most secure way to access the network. Unlike the traditional IPsec VPN, SSL VPN works at the application layer giving access to applications and ports rather than creating a full IP tunnel.
Installing a local firewall on business laptops and ensuring their anti-virus software is fully up to date will go a long way in securing any connection through a wireless hotspot.
Good Network Access Control (NAC) will ensure that only PCs that meet the s ecurity requirements of your organisation will gain access to the network.
NAC works with both IPsec and SSL VPN, and is a must for companies that have remote workers connecting to company networks.
NAC helps take security to the next stage and ensures applications are at the right level. It also helps to guarantee that the people accessing the systems also have the right level of security.
There are still concerns, however, that current NAC technologies are not persistent or secure enough and I would agree that NAC in itself is not a silver bullet.
For years, we have been in a blended threat environment and, from our perspective, NAC is just part of a blended solution.
NAC plays an important role though; it is a new environment and a new step towards achieving a solid security environment. It’s part of the blended security solution that we believe companies need.
Ritchie Jeune is chief executive officer at Evolution Security Systems