We are living in an ever-changing world where technology has become a staple in both our personal and professional lives. This lends itself to convenience and the opportunity to be productive and push tasks forward, outside of the office. Haven’t we all dreamed of working from the beach on one of those beautiful summer days? If company policy permits, the option is there, but the security risk associated with this must be assessed.
If your employee can access your file server remotely, they can retrieve sensitive company data living on your company’s shared drive. This act alone is perceived as a “welcome sign” to hackers who will use this as a stepping stone to obtain confidential information. How often do you change your passwords? Do you use the same passwords for multiple applications? This leads me to the next question, what is the most secure solution for remote access? Both can go hand in hand, in some instances, depending on which solution you choose.
The primary reason that businesses are moving toward secure remote access is the freedom it provides employees. It also benefits growing businesses that can bring on new staff without the pressure of finding space to house everyone until a company move is planned. Companies need to provide employees a secure mechanism to access their systems remotely if they are going to allow employees to work outside of the office. This extends to those accessing email via iPhones, iPads, etc.
When you give your employees the ability to access networks remotely from any location and any operating system, you are eliminating the need for consistency across mobile devices. This is taken a step further when employees utilize their personal devices. BYOD (Bring Your Own Device) is a trend in the workplace and is more prevalent than ever. BYOD is a firm’s policy of allowing employees to utilize their own devices both inside and outside of the office.
It is important to be aware of the connection that you are using to access your network. Unless you want to make the whole world privy to your company’s data, I would highly suggest avoiding your local Starbucks. Public connections on any network are what hackers’ dreams are made of. This would give accessibility to, not only your information, but sensitive corporate data that may live in your inbox or can be retrieved through the network. If employees are not connecting to a trusted network, Wi-Fi should not be accessed. I referenced secure remote access above. The most important thing about it is that “it’s secure.” While your employees will not give up accessing their home networks or working out of their local coffee shop, your network is no longer at risk.
Implementing a secure remote access system allows your organization to stay current, if not ahead of the times, and take advantage of all of the benefits associated with the use of mobile devices in the workplace. These include but are not limited to; a reduction in corporate spending by implementing a BYOD company policy and increased employee productivity. Employees tend to use their devices for both personal and professional purposes (the dividing line is gone). This tends to eliminate the 9-to-5 mentality and enables them the freedom to respond as thing come up, accordingly, and eliminates putting out “fires” the next business day. When every device can access your network securely, the growth of your business is boundless.
There are a number of products out there that may seem secure, but not all solutions are created equal, especially if they are “free.” Let’s take a look at a few on the market:
LogMeIn, GoToMyPC and TeamViewer
LogMeIn, GoToMyPC and TeamViewer are cloud-based SaaS (software-as-a-service) solutions that enable employees to remotely login to their desktop at work. If setup properly, you can work from your living room as if you were sitting at your desk.
In 2016, LogMeIn, GoToMyPC and TeamViewer dealt with hacking issues related to sophisticated password attacks. Whoever executed the attack had help from password lists leaked from LinkedIn, Tumblr and MySpace. This is a reminder that old hacks can come back to haunt us. The GoToMyPC hack can be referenced back to the 2012 LinkedIn hack. All companies were impacted, but TeamViewer experienced a significant breach with hackers taking over PCs to steal money through services such as PayPal or eBay. As a general rule, never reuse passwords, especially those that access your company network.
I referenced passwords early on in this blog.
Do you know what makes a good password? Do all of your passwords reference your birthday or anniversary? Is that information also posted on your social media sites? Or better yet, do they resemble a number combination such as “123456” or simply use the word “password.” Passwords must be unique to each and every login and should not be personally identifiable nor be on the list of most commonly used. Each password must be randomized and include multiple characters. Key point, don’t use the notes section on your phone to capture all of your different passwords. There are a number of password management applications out there that will generate strong passwords for you. Your only requirement is to remember the password that gets you access into that application.
One might put the attacks referenced above in the bucket of “user error” due to passwords. But what happens next time? Is everyone going to run out and purchase a password solution and change their ways? Hackers are always one step ahead of the game. Users must also be aware of phishing schemes where new complex passwords can be obtained and data compromised with the click of one link in an email from “someone you know.”
Working for an IT Managed Services Provider, I can attest that keeping our clients’ data and networks secure is the number one priority in our business. Citrix Netscaler empowers users with the ability to work from anywhere without the fear of their systems being compromised. Citrix Netscaler provides users with secure remote access to business applications across a range of devices and provides a consolidated infrastructure, regardless of your password or where you are accessing Wi-Fi. Welcome back to your favorite coffee shop, just remember to choose the SSL VPN option when you login to that Netscaler.
If you are interested in learning more about securely accessing your systems remotely, contact The TNS Group today.
By: Jonathan Cartagena, Engineering, The TNS Group