What We’re Reading, Week of 11/30

Posted: December 3, 2009 by vpnhaus in Highlights

The Forrester Blog | Infrastructure & Operations Professionals…
Remote Access and Virtualization: Not One in the Same
In this post, Chris Silva discusses his experiment with working remotely outside his office using LogMeIn. He wants to explore what limitations arise in day-to-day usage, and has noted several issues, including a slow refresh that makes it difficult to edit an MS PowerPoint document. When looking at the best way to give secure access to the largest number of IT’s constituents, Chris says virtualization is not the only answer. He says remote access serves a much simpler role than virtualization and is much faster to implement, not to mention cheaper for IT. Employees simply need an efficient and easy way to connect to the network.

IT Business Edge…
‘Tis the Season for Hacking
According to this post by Michael Vizard, the holiday season is a prime time for hacking since IT staff is out of the office. He lists some steps that Tufin advises IT departments to take. These include testing the firewall before the holidays, restricting access to firewall services from unauthorized IP addresses, and applying the latest relevant patches and workarounds. IT departments should also enforce session logging and alerting to detect attacks and all attempted connections to VPN and firewall management ports. Organizing a spring clean of the firewall policy and setting a limit on the number of failed authentication attempts will also help to increase security.

PC World…
Restaurants Sue Vendors After Point-of-Sale Hack
This article by Robert McMillan discusses a Louisiana restaurant that purchased a computerized cash register system which was hacked into. More than 12 Louisiana restaurants have sued the makers of their point-of-sale system, claiming that the companies that made and resold the systems are the ones who should be responsible for fines levied by payment processors due to the hack. The issue here is that a number of customers were given the same password of “computer,” which made it easy for hackers to get access. Remote desktop connectivity for POS systems is not a secure practice. With a true remote access system, two-factor authentication could be used, requiring a second layer of authentication beyond the password.

CTO Edge…
Taking a Giant Step Backwards from Security Complexity
This post by Michael Vizard suggests one of the biggest problems with security is not necessarily the volume of attacks, but rather the complexity of our defenses. Traditionally, remote access has been a huge challenge for companies because of equipment compatibility, user education and end-point management. However, Michael does not mention solutions that are universal and centrally managed, which also eliminate the complexity factor. He also notes the importance of network access control (NAC) in his article, and we’d have to agree with him on this one. It is important to monitor and regulate every remote access connection to the company network by identifying each device and checking its conformity with the company’s security policy.
