Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Is Your Remote Access Strategy Adapted for the New Normal?

November 30, 2020

  • Blog
  • Archive

Let’s face it – most organizations have been using VPN technology for years. Most technology professionals know exactly what to expect with both SSL/TLS and IPSec-based VPN technologies, as they’ve been tried-and-true staples of our remote access strategies for decades. Unfortunately, VPN is rapidly moving to “the way we’ve always done it” in remote access strategy, which we all know means…fading in relevance and less adapted to the nature of today’s workforces. Does that mean VPN is dead? Probably not, but we’ve seen a number of issues with VPN “hub and spoke” models in the past several years, such as:

  • Many critical applications and services that employees need are cloud-based, eliminating the need to come back on-premise in the first place.
  • More organizations have shifted to bring-your-own-device (BYOD) strategies, especially with unexpected scenarios like the COVID-19 pandemic. At the same time, employees have been steadily moving to remote work overall, but traditional remote access security controls haven’t adapted.
  • Our hybrid infrastructure is more complex than ever, and building and maintaining least-privilege access models has gotten significantly more challenging.

All of this is compounded by more attacks against remote workers, as well as an expanded need to support remote access for vendors, partners, and other various stakeholders.

As many workforces became entirely remote in 2020, attacks targeted remote users with sophisticated campaigns that involve collaboration tools, services, and more. In the most recent SANS Endpoint Protection and Response survey, 42 percent of respondents say at least one of their endpoints has been compromised. Even worse, 20 percent didn’t know whether or not any endpoints had been compromised. Without strong privilege controls, these users and endpoints become immediate ingress and lateral movement starting points for adversaries looking to compromise central data center resources.

Remote Access Security in the New Normal

The nature of many organizations’ workforces is likely to change, too. In the coming months and years, many employees won’t come back to traditional on-premises jobs, and will continue to work remotely 100% of the time.

For some jobs, this shift to full-time remote working won’t pose a major challenge. Hower, this is not the case for many other roles, especially those that demand very strict control of privileges to a limited number of resources (for example, vendors performing remote support), or administrators that hold “the keys to the kingdom”. For this time of sensitive work involving highly privileged access, shifting to a remote access strategy requires implementation of strong oversight and audit controls..

There’s really never been a better time than right now for organizations to rethink the types of capabilities they want and need in a remote access solution. We’ll need strong access controls at the endpoint, network access controls at the cloud and data center levels, strong logging and audit capabilities, and more advanced functionality like session monitoring and management and just-in-time access.

One thing is for sure – the VPN technology of yesterday won’t get us where we need to go. To further explore how to address these security challenges now and into the future, watch my on-demand webinar: The Quest for Better and Safer Remote Access.

Dave Shackleford

Cybersecurity Expert and Founder of Voodoo Security

Dave Shackleford is the owner and principal consultant of Voodoo Security and a SANS analyst, senior instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, and is a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Up next

From November 25, 2020:
Channelling Our Talent: BeyondTrust Champions Scoop Two Awards
From December 1, 2020:
Cloud-Based Privilege Management: Securing Credentials & Access

You May Also Be Interested In:

Webcasts | February 09, 2021

Customer Webinar: Remote Support 21.1 Released!

Whitepapers

Evolving Privileged Identity Management (PIM) In The 'Next Normal'

Webcasts | January 27, 2021

AN ANALYST’S TAKE: Securing Privileged Identities & Remote Access in 2021

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.