The Three Human Failures Behind Remote Access Shortcomings

Whenever news of a network security breach reaches the public airwaves, observers are quick to assign blame to some combination of technological shortcomings and human error that allowed an attacker to slip through the victim’s cyber defenses. When it comes to remote access in particular, network security is even more dependent on technology like VPNs, and employees who do their part and follow company protocol. Unfortunately, network administrators often find themselves in a position where, due to human imperfection, remote access technology is the constant that protects their network. Here are the three types of people who are guilty of common, understandable human errors that network administrators need to have on their radar, and try to protect against, as they build a network security infrastructure: The Strained IT Pro Information security professionals are modern-day gladiators, fighting back against complex network security threats, internal and external, as quickly as they form. Yet, as a Ponemon Institute study revealed earlier this year, many IT departments are overburdened as they try to defend against all of these threats at once. The problem is actually two-fold: a dearth of talent to fill positions (according to the study, 70 percent of the organizations say they do not have sufficient IT security staff) and turnover in security positions that can be filled (CISOs leave their positions, on average, after 2.5 years). The result is that IT departments, despite their best efforts, cannot defend against every attack particularly as cyberattackers diversify and expand their efforts in the coming years. The Oblivious Employee For companies that lack a consistent frontline defense by their IT staff, employees are next...

VPNs Enable Desktop Virtualization

By Bernd Reder As the workforce becomes increasingly mobile, the methods by which users access critical business tools must evolve in kind. In the past, the desktop environment and all of the resources it hosted were only accessible if an individual was sitting right in front of his or her computer. But now, with the advent of laptops, tablets and smartphones, we’re seeing a paradigm shift—one in which digital assets are no longer imprisoned by local hard drives. Virtual desktops allow employees to remotely access their traditional systems from any location, eliminating device storage concerns as well as numerous other headaches for IT managers. For example, if the IT department had to install a suitable desktop environment on every device used by every employee throughout the company, then provide technical support and roll out regular patches for each one, the workload would likely far exceed the department’s capacity. A Central Virtualized Desktop With virtual desktops, individuals working off-site can still access all the tools held within their office work stations, from the operating systems to essential applications and associated data. Not only is this more convenient for them, but it is more practical and less cumbersome for IT administrators. All sensitive information and tools are housed and managed in a secure location, mitigating the risks to company data if a security breach compromises an employee’s mobile device. All of the company resources being accessed remotely are stored in secure data centers. Rather than having to constantly update and patch the myriad of tablets and smartphones that workers use while outside the office, IT managers can focus on deploying security...

Executive Q&A On Data Security

Today, Rainer Enders, VPN expert and CTO of Americas at NCP engineering, addresses how IT and data management executives can properly protect their corporate data. Q: What are the most effective steps IT and data management executives need to take in ensuring the best security for corporate information? Rainer Enders: There is no substitute for best-of-breed security solutions. IT managers must realize that only betting on one vendor for all security needs will leave security holes in the architecture. A key starting point is the assessment of risk and exposure. For example, if you do not have employees working outside the office, you’ll have far different security implications than if you have a large mobile workforce. Obviously, the cost of the solution must match the assets at risk that will be insured and protected against damage or loss. A clear and concise security policy must be established that involves all the key stakeholders, and the policy must then be implemented and enforced at all levels. This is probably the most important and, sadly, the least followed advice. Another trap many IT managers fall into is changing security infrastructure too quickly. Rather then taking a blended migration approach, a rip-out-and-replace approach is usually implemented, neglecting benefits and merits of existing incumbent security technologies. This has happened when SSL VPN was introduced to replace IPsec VPN. Customers followed early promises, only to see many companies now returning to the “old” IPsec VPN or adopting a hybrid approach, which would have served them better from the start. So any security architecture framework should follow the technology, not a vendor product roadmap. If...

Readers’ Poll: What Industry Vertical Do You Work In?

A little while back, we began a series of “get to know you” polls in an effort to better shape our content. In a June poll, we asked about your positions within your organizations, with results showing an even split between IT and marketing, with sales also being a popular answer. We found the results quite interesting, and they led us to wonder – in what industry vertical do you work that makes remote access and network security of interest? As always, feel free to elaborate in the comments. [polldaddy...

Readers' Poll: What Industry Vertical Do You Work In?

A little while back, we began a series of “get to know you” polls in an effort to better shape our content. In a June poll, we asked about your positions within your organizations, with results showing an even split between IT and marketing, with sales also being a popular answer. We found the results quite interesting, and they led us to wonder – in what industry vertical do you work that makes remote access and network security of interest? As always, feel free to elaborate in the comments. [polldaddy...