100 word response 1 reference due 6/22/2024


Discussion 3-3: Compliance within the Remote Access Domain

What are some common risks, threats, and vulnerabilities found in the Remote Access Domain that must be mitigated through a layered security strategy?  What risks, threats, and vulnerabilities are introduced by implementing a remote access server? 
Be sure to reply to other students’ responses to continue the discussion for greater depth on the topic.

The remote access domain consists of these common risks, threats, and vulnerabilities:

Phishing is known as a social engineering attack that uses email or text messages to trick users into clicking on a malicious link or attachment. This can lead to malware installation, credential theft, or other attacks.

Unsecured connections are public Wi-Fi networks are not secure, and if an employee logs in to one, company data is vulnerable. It is important to mitigate this risk by employees using VPNs when accessing company data remotely.

Brute force attacks is a common threat against web applications that can compromise user accounts and lead to unauthorized access to user data and transactions.

Lack of monitoring is insufficient monitoring and logging that can lead to delayed detection of remote access attacks. To prevent this, organizations can implement comprehensive logging and monitoring solutions, regularly review logs for suspicious activities, and configure alerts for unusual access patterns.

Poor password management is when weak or repeated passwords can position a risk of unauthorized access, even if a firewall or VPN is in place that includes unauthorized access, stolen credentials, lack of established protocols, unsecured networks, phishing, weak passwords, man-in-the-middle attacks, and malware vulnerabilities.

It is important to have employee education and continual reviews to guide risks against phishing concerns.  Avoiding unnecessary unsecured connections such as free Wi-Fi at Starbucks as well as enforcing VPN connection when not on company networks will limit risk for unsecured connections.  Brute force attacks can be minimized by putting controls in place to avoid direct potential connectivity to critical systems.  Investing in solutions to monitor critical infrastructure is paramount to a successful security posture.  Poor password usage should not be tolerated and should be met with no connectivity without proper standards (Johnson).

The remote access domain is leveraged by any employee, vendor, or contractor that works away from the corporate LAN but needs to connect to review company assets for collaboration or review.  It is important to properly set up the remote access domain in order to ensure that only authorized users are able to have access to the LAN.  No other user may connect through this connectivity to avoid a breach to the entire network.

Organizations currently face the critical challenge of securing their networks and systems from potential threats and don’t tend to believe that remote access is a top security concern.  First goal with remote access policy creation must begin with active remote user account not having direct RBAC connections to internal critical systems and must require avenues such as a jump box with other account for elevated abilities. 

 Important considerations to keep in mind for secure remote access(Bell 2023):

1. Use comprehensive risk frameworks to assess and quantify risk.

· Implementing multifactor authentication (MFA) for remote users

· Using secure virtual private network (VPN) connections

· Regularly updating and patching software

· Monitoring and logging access activities

2. Understand the identity and data pillar of zero trust

· The principles of CISA’s zero-trust guidance is an important piece of the organization’s remote access security posture and establishing a more resilient environment.

3. Establish clear governance and use technology

· Governance establishing clear policies and procedures defining remote access requirements, user responsibilities and incident response protocols with advanced available technologies from leading industry with past performance