How do you ensure your remote access is secure? Do you consider your servers secure as long as you have a virtual private network (VPN), virtual desktop infrastructure (VDI), Azure Virtual Desktop, desktop-as-a-service (DaaS), VDI-as-a-service (VDIaaS), or other types of secure jump hosts?
There is a misconception that having a secure proxy is enough to protect your servers from threats. Unfortunately, this alone does not guarantee safe remote access – what is missing is a clean source.
Remote access Trojans can take control of your endpoint beyond keystrokes and screen scraping. When I was a support judge at the 2004 BlackOPS: HackAttack challenge in Singapore, I watched in real time as a team took control of an enemy machine.
But recently, the city-state has faced the rise of a very worrying threat: banking trojans – in the form of Android malware – causing customers to lose their savings, amounting to millions of dollars. This really highlights the real danger of not having a clean source.
If an organization exposes privileged access to remote users, then VPNs, multifactor authentication, secure jump hosts, sudo, network intrusion prevention and detection systems, and web application firewalls are all insufficient without a clean source.
The clean source principle requires that every security dependency be as trustworthy as the object being secured. This starts with ensuring that the endpoint meets the required specification, including operating system version, security baseline configuration, and other requirements.
In most solutions, this is often called host verification or host testing. If you use Microsoft, this can be achieved by using Conditional Access.
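A minimal sketch of the host verification described above, as an added example rather than code from the original article or from Conditional Access. The baseline attributes, the `Request` fields and the sample endpoints are assumptions constructed for illustration; the point is that a request with MFA and a jump host satisfied is still denied when the source endpoint fails the baseline or reports nothing.

```python
from dataclasses import dataclass, field

# Hypothetical baseline; attribute names and values are assumptions for illustration.
BASELINE = {
    "min_os_version": "10.0.22631",
    "required_settings": {"disk_encryption": True, "secure_boot": True,
                          "edr_running": True, "local_admin": False},
}

def parse_version(text):
    """Turn '10.0.22631' into (10, 0, 22631) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

@dataclass
class Request:
    user: str
    mfa_passed: bool
    via_jump_host: bool
    posture: dict = field(default_factory=dict)  # as reported by the endpoint agent

def posture_failures(posture, baseline=BASELINE):
    """Return the baseline checks the endpoint fails (empty list means clean)."""
    failures = []
    try:
        if parse_version(posture["os_version"]) < parse_version(baseline["min_os_version"]):
            failures.append("os_version below minimum")
    except (KeyError, ValueError, AttributeError):
        failures.append("os_version missing or unparseable")  # fail closed
    for name, expected in baseline["required_settings"].items():
        if posture.get(name) is not expected:  # a missing setting counts as a failure
            failures.append(f"{name} != {expected}")
    return failures

def decide(request):
    """Grant privileged access only if the access path AND the source endpoint pass."""
    reasons = []
    if not request.mfa_passed:
        reasons.append("mfa not satisfied")
    if not request.via_jump_host:
        reasons.append("not via jump host")
    reasons += posture_failures(request.posture)
    return ("allow" if not reasons else "deny", reasons)

# Constructed sample requests: identical access path, different source endpoints.
CLEAN = Request("admin1", True, True, {"os_version": "10.0.22631", "disk_encryption": True,
                "secure_boot": True, "edr_running": True, "local_admin": False})
UNMANAGED = Request("admin1", True, True, {"os_version": "10.0.19045", "disk_encryption": True,
                    "secure_boot": True, "edr_running": False, "local_admin": True})
UNKNOWN = Request("admin1", True, True)  # no posture report at all

if __name__ == "__main__":
    for req in (CLEAN, UNMANAGED, UNKNOWN):
        print(decide(req))
```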
So, the next time someone tells you that DaaS or VDIaaS is enough for your administrators to protect their access to a critical system, talk about the risks and highlight the importance of using a clean source system in a zero trust strategy.