When Remote Access Becomes Your Enemy

As convenient as it would be for businesses to have all their IT service providers working on-site, just down the hall, that’s not always possible. That’s why secure remote access is a component frequently found in the digital toolboxes of service providers that offer maintenance, troubleshooting and support from locations other than where the product or system is being used. This arrangement makes sense: It saves enterprises time and money. Yet, that doesn’t mean remote access is always foolproof. Although it’s long been possible to securely implement remote access, sloppy work and carelessness have increasingly created critical vulnerabilities. In April 2013, for example, it became possible to damage Vaillant Group ecoPower 1.0 heating systems by exploiting a highly critical security hole in the remote maintenance module. The vendor advised customers to simply pull the network plug and wait for the visit of a service technician. About one year later, AVM, the maker of the Fritz!Box router, also suffered a security vulnerability. For a time, it was possible to gain remote access to routers and, via the phone port functionality, to make phone calls that were sometimes extremely expensive. Only remote access users were affected. Then, in August 2014, Synology, a network attached storage (NAS) supplier, was affected. In this case, it was possible to gain control over the entire NAS server data through a remote access point. Finally, at this year’s Black Hat conference in August, two security researchers revealed that up to 2 billion smartphones could be easily attacked through security gaps in software. It’s clear that these attacks and vulnerabilities are all part of a trend –...

IPv6: Looking Back on Year One

It was only one year ago that the world welcomed the launch of IPv6, the long-anticipated solution to the problem of the world running out of IP addresses. In its first year, IPv6 has started to take root. Take a look at Google’s IPv6 adoption chart, for example, and you will notice that the growth has been exponential over the past year. However, the communications protocol still has a long way to go before becoming widespread. Over the next several years, the need for IPv6 will become more evident though. North America will run out of IPv4 addresses this month, according to the Internet Society’s infographic we previously referenced; meanwhile, Europe and Asia have run out already. On top of this, the increasing number of web-enabled smart devices, including smartphones, tablets, household appliances and vehicles, will put a further strain on IPv4’s networks. Despite the glaring need for IPv6, IT infrastructure is still a limiting factor in its adoption. Rainer Enders had this to say in an IT Business Edge article: “The truth is, the transition to IPv6 will be a slow rollout that will happen over the next 10 years. There’s still too much work that needs to be done from providers in terms of upgrading their wiring, pipes and firmware.” Sadly, this is still the case, as many organizations have used workarounds like Network Address Translation (NAT) as band-aids rather than confronting the inevitable transition to a long-term solution. Luckily, organizations are slowly starting to embrace the new era of the Internet. Operators such as AT&T, Verizon and Deutsche Telekom have championed the new protocol, with each...

Expert Q&A: Preventing Mobile Hacking: Must You Take Precautions?

*Editor’s Note: This column originally appeared in TechTarget’s SearchNetworking.com  Question: How do I protect my mobile devices from intrusions via the network? How much can I rely on my service provider to defend me from mobile hacking? Rainer Enders, VPN Expert and CTO, Americas, at NCP engineering:  In general, service providers of mobile networks do a good job of keeping the networks secure. The public wireless broadband carrier networks incorporate secure storage, mutual authentication and strong encryption, as well as air link ciphering, to keep data secure. However, it is still a good idea to use a device firewall and VPN technology to protect all mobile device communication. Also, keep in mind that, at times, devices roam into far less secure mobile networks, such as Wi-Fi networks and hotspots. An integrated device firewall and IPsec VPN clients are excellent protection mechanisms....

VPNs Enable Desktop Virtualization

By Bernd Reder As the workforce becomes increasingly mobile, the methods by which users access critical business tools must evolve in kind. In the past, the desktop environment and all of the resources it hosted were only accessible if an individual was sitting right in front of his or her computer. But now, with the advent of laptops, tablets and smartphones, we’re seeing a paradigm shift—one in which digital assets are no longer imprisoned by local hard drives. Virtual desktops allow employees to remotely access their traditional systems from any location, eliminating device storage concerns as well as numerous other headaches for IT managers. For example, if the IT department had to install a suitable desktop environment on every device used by every employee throughout the company, then provide technical support and roll out regular patches for each one, the workload would likely far exceed the department’s capacity. A Central Virtualized Desktop With virtual desktops, individuals working off-site can still access all the tools held within their office work stations, from the operating systems to essential applications and associated data. Not only is this more convenient for them, but it is more practical and less cumbersome for IT administrators. All sensitive information and tools are housed and managed in a secure location, mitigating the risks to company data if a security breach compromises an employee’s mobile device. All of the company resources being accessed remotely are stored in secure data centers. Rather than having to constantly update and patch the myriad of tablets and smartphones that workers use while outside the office, IT managers can focus on deploying security...

Webinar: What CIOs and CTOs Need to Know About Mobile Device Security

Rainer Enders, CTO, Americas at NCP engineering, recently conducted an Execsense webinar around what CIOs and CTOs need to know about mobile device security. Rainer explains how the replacement of static access networks with mobile access networks has led to a paradigm shift in overall network security. Because mobile device protection complements infrastructure protection, enterprises must safeguard their data within hostile mobile access networks, which are made all the more vulnerable in today’s information age. Taking us further down this journey of murky data classification and the new obstacles IT leaders face with the proliferation of mobile devices and BYOD, Rainer describes what mobile-centric security strategies CIOs and CTOs should implement to ensure optimal network protection. We hope you’ll tune in to the new Execsense webinar here....