Secure remote access is used to grant authorized users access to applications, devices, or networks from remote locations. Employees and third parties are provided with granular access privileges based on their roles and responsibilities.
Individuals use secure remote access to enter corporate networks while working away from the office. IT teams often use it to provide technical support to distributed teams. Managers sometimes use secure remote access to gain visibility into employees’ online activities (e.g., when they are online, what they are viewing, or what files they are accessing).
To protect assets and prevent the loss or compromise of sensitive information, secure remote access is supported with multiple security policies, processes, and technologies.
These solutions range from access controls and user authentication to firewalls and endpoint defenses.
Secure remote access best practices include:
- Enforce secure remote access policies for all users.
- Implement an account lockout policy that blocks access after multiple failed login attempts, paired with per-source rate limiting so that an attacker cannot use the lockout itself to deny legitimate users access.
- Install all software patches and updates on a regular basis.
- Mandate strong passwords. Current guidance (NIST SP 800-63B) calls for a minimum length of at least eight characters and screening of new passwords against lists of known-compromised passwords, and favors length over forced composition rules such as requiring a number and a symbol.
- Protect all remote users’ endpoints (e.g., laptops, Internet of Things (IoT) devices, mobile phones, and tablets) using solutions such as antivirus software, endpoint detection and response, endpoint encryption, firewalls, and URL filtering.
- Provide security training for employees and any third parties who use secure remote access.
- Use multi-factor authentication (MFA): a username and password complemented by a second factor. Prefer phishing-resistant factors (FIDO2/WebAuthn security keys or platform authenticators) or authenticator-app codes; one-time codes sent via text message, email, or phone call are the weakest option because they can be intercepted, phished, or captured through SIM swapping.
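The lockout, password-screening, and second-factor practices above, as an added worked example for this article (not code from the page's author or from any vendor product): a small login front door in Python. The account name, the password, and the breached-password list are constructed; the TOTP seed is the RFC 6238 / RFC 4226 test-vector seed so the generated codes can be checked against the published values. A real deployment would back this with a database, tolerate one step of authenticator clock drift, and reject reused codes.

```python
"""Login front door for a remote-access gateway: lockout, password screening, TOTP.
Added example (not the article's or a vendor's code); names and sample data are constructed."""
import hashlib
import hmac
import secrets
import struct

# Constructed sample; screen against a real compromised-password corpus in production.
BREACHED_PASSWORDS = {"password", "password1!", "summer2023!", "qwerty123"}


def password_acceptable(pw: str, min_len: int = 12) -> bool:
    """Length plus breached-list screening (NIST SP 800-63B), not composition rules."""
    return len(pw) >= min_len and pw.lower() not in BREACHED_PASSWORDS


def make_user(password: str, totp_secret: bytes) -> dict:
    """Store a salted PBKDF2 hash of the password, never the password itself."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return {"salt": salt, "hash": digest, "totp_secret": totp_secret}


def verify_password(user: dict, password: str) -> bool:
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), user["salt"], 100_000)
    return hmac.compare_digest(digest, user["hash"])


def totp(secret: bytes, at: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP over HMAC-SHA1, the scheme authenticator apps implement."""
    counter = struct.pack(">Q", at // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


# Stand-in for unknown accounts so the work done (and its timing) matches a real user.
_DUMMY_USER = make_user("not-a-real-password", b"\x00" * 20)


class LoginGuard:
    """Locks an account after max_failures failures inside a lockout_seconds window.
    Caveat: per-account lockout lets an attacker lock users out deliberately, so pair
    it with per-source rate limiting rather than relying on it alone."""

    def __init__(self, max_failures: int = 5, lockout_seconds: int = 900):
        self.max_failures = max_failures
        self.lockout_seconds = lockout_seconds
        self._failures = {}      # account -> (count, time of first failure in window)
        self._locked_until = {}  # account -> epoch seconds

    def is_locked(self, account: str, now: int) -> bool:
        return self._locked_until.get(account, 0) > now

    def _record_failure(self, account: str, now: int) -> None:
        count, first = self._failures.get(account, (0, now))
        if now - first > self.lockout_seconds:  # window expired: start counting again
            count, first = 0, now
        count += 1
        if count >= self.max_failures:
            self._locked_until[account] = now + self.lockout_seconds
            self._failures.pop(account, None)
        else:
            self._failures[account] = (count, first)

    def attempt(self, account: str, password: str, code: str, now: int, users: dict) -> str:
        """Return 'locked', 'denied' or 'ok'. A single generic failure result avoids
        telling the caller whether the account, the password or the code was wrong."""
        if self.is_locked(account, now):
            return "locked"
        user = users.get(account, _DUMMY_USER)
        pw_ok = verify_password(user, password) and account in users
        # Simplification: a production verifier also accepts +/-1 time step of clock
        # drift and refuses a code that has already been used once.
        code_ok = hmac.compare_digest(totp(user["totp_secret"], now), code)
        if pw_ok and code_ok:
            self._failures.pop(account, None)
            return "ok"
        self._record_failure(account, now)
        return "denied"


def demo_sequence() -> list:
    """Constructed scenario: three wrong passwords lock 'alice'; the correct
    credentials are refused during the lockout and accepted once it expires."""
    secret = b"12345678901234567890"  # RFC 6238 / RFC 4226 test-vector seed
    users = {"alice": make_user("correct horse battery staple", secret)}
    guard = LoginGuard(max_failures=3, lockout_seconds=900)
    t0 = 1_700_000_000
    results = [guard.attempt("alice", "wrong", totp(secret, t0 + i), t0 + i, users)
               for i in range(3)]
    results.append(guard.attempt("alice", "correct horse battery staple",
                                 totp(secret, t0 + 10), t0 + 10, users))
    later = t0 + 10 + 900
    results.append(guard.attempt("alice", "correct horse battery staple",
                                 totp(secret, later), later, users))
    return results


if __name__ == "__main__":
    print(demo_sequence())  # ['denied', 'denied', 'denied', 'locked', 'ok']
```

Note the order of checks in `attempt`: the lockout state is consulted before any credential is evaluated, and both factors are evaluated before a result is returned, so a caller learns only that the attempt failed, not which factor was wrong.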
How secure remote access works
Secure remote access allows users to safely connect to applications, cloud resources, data centers, or networks from remote devices through unsecured internet connections (e.g., home or public Wi-Fi) as opposed to using a secured corporate network. The basic parts of secure remote access include the following.
Authenticating users for secure remote access
A secure remote access session begins by authenticating users (e.g., people, applications, or systems). This is performed using the organization’s identity and authentication systems (e.g., multi-factor authentication or single sign-on).
Enforcing secure remote access with privilege controls
Another important part of secure remote access is defining and enforcing controls that restrict access to users who are authorized and have a genuine need to use a resource, and to devices that are approved for that access. Once a user is authenticated, access control should be applied according to least privilege, typically through role-based access control (RBAC) or attribute-based access control (ABAC).
Providing protected communication channels for secure remote access
Remote sessions, such as remote desktop protocol (RDP), secure shell (SSH), database sessions (e.g., SQL Server), or virtual network computing (VNC), are tunneled through encrypted connections so that credentials and session data cannot be read or altered in transit. Encrypting the channel does not by itself establish who is on either end: the user and device still have to be authenticated, and the client must verify the gateway's host key or certificate.
The three types of methods used for secure remote access are:
- Direct connection
This is the most common and simplest method and allows systems to connect automatically when an internet connection is available.
- Relayed connection through an intermediary
This is more complicated and involves an intermediary system (a relay or broker) that passes messages between the two systems.
- Virtual private network (VPN)
A VPN securely connects two systems over the internet by creating an encrypted tunnel.
Why secure remote access is important
Secure remote access is important for many organizations as employees who once worked from offices have shifted to working from home or other locations. Third parties who require access to internal systems also must have secure remote access.
While these use cases are not new, the scale at which they occur has grown sharply.
Secure remote access must now support many more users and devices, as most users interact with multiple devices to conduct their work.
Among the many reasons that secure remote access is important are that it:
- Enables IT and engineering teams to troubleshoot users’ problems remotely
- Helps protect users while browsing from web-based threats, such as spyware, ransomware, and other malware
- Protects all devices connected to corporate networks and systems
- Provides authorized users access to corporate networks from any compatible device, giving users seamless access to data and files
Technologies used for secure remote access
Secure remote access relies on a collection of technologies to provide the protections needed to support distributed users outside corporate networks. The following are examples of the many technologies used to support secure remote access.
Cloud access security broker (CASB)
With CASBs, zero trust policies established for internal systems are extended to cloud environments. Sitting between cloud services and the consumers of these services, CASB protections support secure remote access.
Endpoint security
Endpoint security protects the entry points of end-user devices (e.g., desktops, laptops, and mobile devices) with software (e.g., antivirus), policies that dictate how remote devices can be used, enforcement of regular software updates and patch installation, tools that prevent users from downloading or storing sensitive information on remote devices, and systems that detect keyloggers or other dangerous processes.
Firewalls
For secure remote access, firewalls enforce rules that admit only expected traffic (for example, connections arriving through the VPN concentrator or access gateway) to internal services and block everything else, so unauthorized users cannot reach those services directly.
Identity and access management (IAM)
Identity and access management is a group of policies and technologies that enable secure remote access by restricting access to resources to authorized and authenticated users for approved uses.
Intrusion prevention systems and intrusion detection systems (IPS / IDS)
IPS/IDS solutions monitor and analyze network traffic for signatures and behavior matching known attacks. An IDS detects and alerts; an IPS sits inline and can also block the offending traffic. This functionality is extended to secure remote access by inspecting the traffic of users connecting from outside the corporate network, typically at the VPN or access gateway where remote sessions terminate.
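Detection logic of the kind an IDS applies, run here over the SSH authentication log of a remote-access gateway rather than over packets, as an added example for this article (not a product feature or code from the page's author). The sshd log lines are constructed, use documentation IP ranges, and show a password-guessing run that ends in a successful login from the same source, which is the case a responder most wants surfaced.

```python
"""Brute-force detection over SSH authentication logs from a remote-access gateway.
Added example (not the article's or a vendor's code); the log lines are constructed."""
import re
from collections import defaultdict
from datetime import datetime

LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>[0-9.]+) port \d+"
)

# Constructed sample using documentation address ranges: a password-guessing run from
# 203.0.113.45 that ends in a successful password login, plus ordinary activity.
SAMPLE_LOG = """\
Mar 12 10:01:01 bastion sshd[2311]: Failed password for invalid user admin from 203.0.113.45 port 51022 ssh2
Mar 12 10:01:03 bastion sshd[2313]: Failed password for root from 203.0.113.45 port 51024 ssh2
Mar 12 10:01:06 bastion sshd[2315]: Failed password for invalid user test from 203.0.113.45 port 51031 ssh2
Mar 12 10:01:08 bastion sshd[2318]: Failed password for deploy from 203.0.113.45 port 51040 ssh2
Mar 12 10:01:11 bastion sshd[2320]: Failed password for deploy from 203.0.113.45 port 51044 ssh2
Mar 12 10:01:20 bastion sshd[2330]: Accepted publickey for alice from 198.51.100.7 port 40112 ssh2
Mar 12 10:01:25 bastion sshd[2340]: Accepted password for deploy from 203.0.113.45 port 51090 ssh2
Mar 12 10:03:00 bastion sshd[2350]: Failed password for alice from 198.51.100.7 port 40120 ssh2
"""

_EPOCH = datetime(1900, 1, 1)  # syslog lines carry no year; strptime fills in 1900


def parse(lines):
    """Yield (seconds, result, user, ip) for each line that is an sshd auth event."""
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            when = datetime.strptime(m["ts"], "%b %d %H:%M:%S")
            yield (when - _EPOCH).total_seconds(), m["result"], m["user"], m["ip"]


def detect_bruteforce(lines, threshold: int = 5, window_seconds: int = 60) -> list:
    """Flag a source with >= threshold failed logins inside window_seconds; raise the
    severity when a successful login from that source follows the run, since that is
    the pattern of a guessed or reused credential rather than of a noisy scanner."""
    failures, successes = defaultdict(list), defaultdict(list)
    for t, result, user, ip in sorted(parse(lines)):
        (failures if result == "Failed" else successes)[ip].append((t, user))
    findings = []
    for ip, fails in failures.items():
        for i in range(len(fails) - threshold + 1):
            first_t = fails[i][0]
            if fails[i + threshold - 1][0] - first_t > window_seconds:
                continue
            run = [f for f in fails[i:] if f[0] - first_t <= window_seconds]
            last_t = run[-1][0]
            success_after = [u for t, u in successes.get(ip, []) if t > last_t]
            findings.append({
                "source": ip,
                "failures": len(run),
                "targeted_accounts": sorted({u for _, u in run}),
                "success_after": success_after,
                "severity": "high" if success_after else "medium",
            })
            break  # one finding per source; the run already covers the window
    return findings


if __name__ == "__main__":
    for finding in detect_bruteforce(SAMPLE_LOG.splitlines()):
        print(finding)
```

The same routine runs unchanged over a real `/var/log/auth.log` read line by line; the thresholds are tunable, and a production version would also key on the target account, since distributed guessing spreads a run across many source addresses.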
Multi-factor authentication (MFA)
MFA verifies identities to support secure remote access. It requires users to provide standard login credentials as well as other identity verification, such as biometrics and one-time authorization codes.
Privileged access management (PAM)
A set of tools that secure, monitor, and manage access from privileged accounts, PAM supports secure remote access by adding an extra layer of protection to prevent unauthorized use of super administrator accounts.
Secure access service edge (SASE)
SASE combines network and security functions into a single cloud service to provide edge-to-edge secure remote access.
Single sign-on (SSO)
This method allows users to use a single set of credentials to authenticate with multiple applications and websites securely. SSO is used to streamline secure remote access processes.
Virtual network computing (VNC)
VNC is usually used by IT teams to provide technical support or for remote collaboration. It provides access to, and control of, another computer: remote users operate the other system as though they were sitting in front of it, running programs, making modifications, and viewing, editing, and transferring files. Because VNC's native authentication and encryption are weak, VNC sessions should be reached only through an authenticated, encrypted tunnel such as SSH or a VPN.
Virtual private network (VPN)
VPNs are used to establish secure connections over an external network, typically the public Internet, using authentication and encryption to provide secure remote access. With VPNs, an encrypted tunnel is created to send and receive data securely. Internet Protocol Security (IPsec) VPNs establish connections using the standard IPsec mechanisms. SSL VPNs, despite the name, now use Transport Layer Security (TLS), the successor to the deprecated Secure Sockets Layer protocol, and are usually terminated at a gateway that offers either a browser-based portal or a full network tunnel.
Benefits of secure remote access
Allows safe access to resources from anywhere on any device
Secure remote access provides the same availability of applications, data, and other IT resources that users have when in an office—from any device at any location with connectivity.
Enables centralized control over resource access
Secure remote access programs enable IT and security teams to establish and manage granular controls over resources for all users, including those with privileged access.
Enables user access transparency
Secure remote access enables real-time monitoring of remote sessions, providing increased visibility into user behavior, including privileged users.
Expedites helpdesk support
By allowing helpdesk teams to see and interact with users’ systems remotely, helpdesk teams can find issues quickly, speeding time to resolution.
Extends robust endpoint protection to external devices
Well-executed secure remote access applies the robust endpoint protections used for internal systems to the multiple user-owned devices used for remote work, such as laptops, tablets, mobile phones, and IoT devices.
Increases productivity
Secure remote access provides users with the resources they need when they need them, increasing productivity.
Increases security awareness
Because secure remote access programs include security awareness training, they help reinforce other security education efforts and enhance users’ overall understanding of the threat landscape and how to avoid being the cause of an incident.
Keeps sensitive data secure
Secure remote access controls access to sensitive data, limiting it to authorized users with approved permissions.
Provides safe and secure web access
Secure remote access offers defenses to protect users from web-based threats that can compromise systems and data, such as drive-by downloads and phishing. Inspection at the gateway can also block many exploitation attempts aimed at exposed applications, such as cross-site scripting and SQL injection payloads, although those flaws still need to be fixed in the applications themselves.
Reduces the enterprise’s attack surface
By extending endpoint protections and access controls to external users, and by exposing internal services only through an authenticated gateway rather than directly to the internet, secure remote access removes or narrows the threat vectors that remote work would otherwise create.
Supports compliance with data protection and privacy regulations
The data protections that accompany secure remote access help organizations enable compliance with many regulations by preventing data exposure and loss.
Secure remote access and zero trust
Zero trust security means that no one is trusted by default from inside or outside the network, and verification is required from everyone attempting to gain access to resources on the network. Applied to secure remote access, zero trust eliminates the “always allow” privilege for any account and instead provides access to systems and applications to remote users (e.g., employees, partners, machines, or clients) only when it is required.
Zero trust architecture
"A zero-trust architecture (ZTA) is an enterprise cybersecurity architecture that is based on zero trust principles and designed to prevent data breaches and limit internal lateral movement. The goal of a zero trust architecture is to prevent unauthorized access to data and services coupled with making access control enforcement as granular as possible. That is, authorized and approved subjects (combination of user, application (or service), and device) can access the data to the exclusion of all other subjects (i.e., attackers)."
—NIST Special Publication 800-207
Zero trust principles that can be embedded in secure remote access programs include:
- Assume the presence of threats
Proactive security measures should be taken to have a strong defensive posture that protects against cyber threats—accidental and malicious.
- Grant access only based on least privilege
Permission to access resources should be limited to only what is required to perform a specific job.
- Minimize the attack surface
Microsegmentation should be used to partition resources to reduce the risk in the event of unauthorized access. Resources should be split according to sensitivity and the access required, keeping assets that would be utilized by different users separate.
- Never trust – always verify
All users, devices, and applications must authenticate and continually revalidate to access any IT resources.
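The four principles above, together with the authenticate-then-authorize flow described earlier under privilege controls, as an added example for this article (not taken from NIST SP 800-207 or from any vendor): a per-request policy decision in Python. The roles, segments, device posture flag, application names, and re-verification windows are hypothetical, and the subject is modelled as the user, client application, and device, as NIST SP 800-207 defines it.

```python
"""Per-request zero trust policy decision for remote access.
Added example (not from NIST SP 800-207 or a vendor); roles, segments, applications
and device attributes are hypothetical."""
from dataclasses import dataclass, replace
from typing import Tuple


@dataclass(frozen=True)
class Subject:
    """The NIST SP 800-207 subject: user plus client application plus device."""
    user: str
    roles: frozenset
    app: str
    device_id: str
    device_compliant: bool   # posture attribute reported by endpoint management
    mfa_verified_at: int     # epoch seconds of the last strong authentication


@dataclass(frozen=True)
class Resource:
    name: str
    segment: str             # microsegment the resource is placed in
    sensitivity: str         # "low" or "high"


# Least privilege: a role reaches only the segments its job requires.
ROLE_SEGMENTS = {
    "helpdesk": frozenset({"helpdesk-tools"}),
    "dba": frozenset({"prod-db"}),
    "hr-analyst": frozenset({"hr-apps"}),
}
# The client application approved for each segment; anything else is refused.
SEGMENT_APPS = {
    "helpdesk-tools": frozenset({"vnc-client"}),
    "prod-db": frozenset({"sql-client"}),
    "hr-apps": frozenset({"managed-browser"}),
}
# How recently the subject must have completed MFA, by resource sensitivity.
REVERIFY_SECONDS = {"low": 8 * 3600, "high": 15 * 60}


def decide(subject: Subject, resource: Resource, now: int) -> Tuple[bool, str]:
    """Run on every request rather than once at connection setup. Default is deny."""
    window = REVERIFY_SECONDS.get(resource.sensitivity)
    if window is None:
        return False, "unknown resource sensitivity"
    # Never trust, always verify: authentication ages out faster for sensitive data.
    if now - subject.mfa_verified_at > window:
        return False, "reauthentication required"
    # Assume threats are present: an unhealthy device is refused regardless of the user.
    if not subject.device_compliant:
        return False, "device not compliant"
    # Least privilege and microsegmentation: the role must be entitled to this segment.
    entitled = frozenset().union(*(ROLE_SEGMENTS.get(r, frozenset()) for r in subject.roles))
    if resource.segment not in entitled:
        return False, "role not entitled to segment"
    # Attribute check on the client application (the "application" part of the subject).
    if subject.app not in SEGMENT_APPS.get(resource.segment, frozenset()):
        return False, "client application not approved for segment"
    return True, "allow"


def demo() -> dict:
    """Constructed requests showing each denial reason and two allows."""
    now = 1_700_000_000
    pat = Subject("pat", frozenset({"helpdesk"}), "vnc-client", "LT-0042", True, now - 300)
    dana = Subject("dana", frozenset({"dba"}), "sql-client", "LT-0117", True, now - 20 * 60)
    tools = Resource("jump-vnc", "helpdesk-tools", "low")
    payroll_db = Resource("payroll-db", "prod-db", "high")
    fresh_dana = replace(dana, mfa_verified_at=now - 60)
    return {
        "helpdesk_to_tools": decide(pat, tools, now),
        "helpdesk_to_prod_db": decide(pat, payroll_db, now),
        "stale_mfa_to_prod_db": decide(dana, payroll_db, now),
        "fresh_mfa_to_prod_db": decide(fresh_dana, payroll_db, now),
        "noncompliant_device": decide(replace(fresh_dana, device_compliant=False), payroll_db, now),
        "wrong_client_app": decide(replace(fresh_dana, app="managed-browser"), payroll_db, now),
    }


if __name__ == "__main__":
    for name, (allowed, reason) in demo().items():
        print(f"{name:24} {'ALLOW' if allowed else 'DENY '} {reason}")
```

The contrast with a classic VPN is in where `decide` runs: a VPN makes one decision when the tunnel comes up and then grants network reachability, whereas this check is re-run for every resource request, so a device that falls out of compliance or an authentication that ages past the window loses access mid-session without the tunnel ever being torn down.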
Increasingly, security leaders are moving away from secure remote access programs that depend on VPNs and other methods and embracing strategies based on zero trust. These secure remote access programs provide more granular access controls and increased visibility.
Secure remote access programs based on zero trust principles are proving to be more user-friendly and effective in fighting ever-changing threat landscapes and growing attack surfaces.
Secure remote access is important for many organizations
Most commonly used by businesses that support distributed workforces, secure remote access has become important for almost every organization. Even organizations with on-site staff have found a need for it, for example a manager who must reach a system from a phone or laptop while away from the office, or a virtual helpdesk team supporting users from another location.
Secure remote access can support the requirements of all organizations, from those with only a few remote users to large-scale enterprises. Its protections help safeguard critical assets and sensitive information from both accidental exposure and malicious threats.