Remote Access: VPNs, and Zero Trust

10.11.2021 01:53

Remote Access

The past two years show changes within Secure Remote Access, working from home, and VPN use. The COVID-19 pandemic has accelerated the adaptation of secure remote access and Work From Home (WFH). However, not without its challenges. Organizations are pressured to focus on cybersecurity, productivity, and resource/data protection as more cyber threats and breaches/data leaks occur in this modern environment.

Security measures like VPN (Virtual Private Network) and MFA (Multifactor Authentication) are being applied within the remote access environment to counter the above threats. In essence, a VPN establishes a protected network connection when using unsecured or public networks. It allows the traffic that flows within your network to be encrypted and hide and disguise your identity. Secure Remote access cycle secure remote access VPN small logomulti factor authentication mfa logo

How does VPN work?

VPN hides your IP address by redirecting the network traffic through a remote server which is run by the VPN host. For example, your work or home device, i.e., laptop, has its IP and MAC address. If you are on a public network, everyone who would search the network traffic can see your IP address and, in essence, know your location (city, ZIP code, Area code, your ISP (Internet Service Provider). By applying a VPN connection, the VPN host acts as a source of your connection while encrypting the traffic. Henceforth, anyone searching the public network will see the encrypted traffic but will not know the data and where and who it is from.

How does MFA work?

MFA allows employees or users within your organizations to ID themselves with additional factors other than a user name and password. It does so by following three main types of authentication.
1. Things you know: Password/PIN
2. Things you have Smartphone/Token
3. Things you are: Biometrics such as fingerprint or iris recognition.

 

Session Monitoring

VPN Vulnerabilities

The appliance of VPN and MFA allows for an additional layer of security within your network, but it is not enough by today’s standards. Around 93 % of organizations use VPNs. However, 94 % of organizations are aware that it’s one of the main targets of cybercriminals. Modern VPN vulnerabilities exist in SSL VPN products. The CVE-2019-11510 vulnerability allows attackers to retrieve arbitrary files, where authentication credentials can be located as well. Allow attackers to steal credentials and connect to the VPN and change the configuration settings. Such attacks can enable attackers with privileges to run further exploits by targeting a root shell.

Throughout the year’s many vulnerabilities were found in VPNs, from Man-in-the-Middle attacks to offline password cracking and VPN fingerprinting. Furthermore, with the adaptation of secure remote access, we see a staggering 2000 % increase in VPN attacks and adaptation of ransomware and malware attacks from these vulnerabilities on a global shift. Though these flaws get patched, it can be presented that VPNs are, though a good alternative, now an older security tool and require a thorough approach to cyber security.

Zero Trust – Modern Approach To Internal Security and Secure Remote Access

Although Zero Trust is not a new framework, it holds value in modern applications and uses. In essence, the Zero Trust solution provides seamless and secure connectivity to private applications without placing users on the network or exposing apps to the internet. To fully grasp the Zero Trust concept and its solution, here are some elements the Zero Trust follows:
– Monitor all data sources and computing services.
– Secure communication and traffic.
– Enable access on a ‘need to know’ basis.
– Access to resources, driven by a dynamic policy/set of rules.
– Organizations can monitor and measure the integrity of their security and their users and devices.
– All authentication and authorization actions are enforced before access is allowed.
– Organizations collect as much information regarding their security posture.

Privileged Access Management (PAM) is one of the best tools to secure any network infrastructure to achieve the above elements. Solutions such as PAM protect your network against privileged data breaches, help to prevent intentional or unintentional misuse and access right abuse, and prevent the exploitation of your systems and network protocol vulnerabilities. Moreover, PAM solutions enable Secure Remote Access for all employees around the globe to stay connected with a secure connection flow. They help to mitigate security risks that VPN and MFA would not. But as well as introduce a grid-like environment where they can monitor users, authenticate and authorize access, set policies or rules to ensure additional security. PAM solutions also contain AI/ML technology to automate security and apply biometric intelligence to ensure further authentication of your employees/users or report any suspicious behavior.

Author: Damian Borkowski– Technical Marketing Specialist