Remote Access Methods and Techniques

Having the correct systems in place to ensure that remote employees are able to work as if they were in a corporate office is called “remote access.” Whenever transactions occur between a remote worker and the corporate environment, both entities want to ensure that security is implemented. Remote workers need to know their data are not shared with outside entities. IT security personnel need to know the correct person is gaining access to the internal network, and that the correct access is being provided once those users are on the network. Implementing identification, authentication, and authorization for remote access assists in this protection.

Implementing various technologies and addressing remote access concerns ensures your systems and data are protected. You will learn about a variety of remote access technologies and their benefits throughout this chapter. First, it’s important to understand the concerns associated with remote access:

  • Remote access connections usually remain open for an extended period of time. This may cause a security problem. Leaving connections open allows attackers to gain easy access. It is a common practice to close connections automatically after some time, such as 24 hours.
  • Remote access solutions, such as VPNs, do not protect the computer system. An employee may use a business laptop to do personal activities such as surfing the web and shopping online while he or she is on a public, unsecured network, such as a hotel’s wireless network. While the employee is using the unsecured connection, malware may infect the system. The next time the employee connects to the corporate network via a VPN connection, the malware can spread to the corporate network. It is essential that mobile computer systems are protected with antivirus software and appropriate controls. The software and controls help protect the system when it is both on and off the corporate network.

Whenever transactions or communications occur on a network, it is important for users to provide identification and for organizations to ensure users are authenticated and authorized to perform actions, such as downloading data from the organization’s intranet. This occurs in three steps: identification, authentication, and authorization.

Identification

Identification is the process of uniquely distinguishing an individual. In most cases, identification needs to be provided prior to authenticating the user. Common forms of identification are a name or an account number. Identification can refer to a person, computer system, or program. Identification is important because if, for example, everyone had the same bank account number, it would be almost impossible for a bank to know how much money you have in your account. In a network environment, a username is your unique identification. Some organizations also provide employees with a corporate identification number or a badge number as a separate identification mechanism.

Authentication

Authentication is the process of verifying that users are who they say they are. Access and privileges should not be provided to a user unless verification has occurred. Authentication can take many forms when it is based on identity. Every form of authentication is based on something you have, something you are, or something you know.

You can set up remote access authentication using methods such as multifactor authentication. Most enterprises implement two-factor authentication, such as requiring a personal identification number (PIN) and token when connecting to the internal network via a VPN. This is necessary because the security concerns specifically associated with remote access are greater. Allowing a remote computer to directly access an organization’s network poses a high risk. It is necessary to use stronger authentication methods so that identity verification is correct and is not being mimicked by an attacker. Remote access authentication can also be achieved through protocols that you will learn about later in this chapter.

Authorization

Once authentication is completed, authorization can occur. Authorization is determining which actions are allowed or not allowed for a user or system. Although a user may have provided identification and been authenticated, this does not mean the user is authorized to access all systems or run all commands. Once the user performs an action, mechanisms such as an access control list are used to authorize or not authorize user actions. Although authorization is not necessarily tied to remote access, it is important to understand how access control systems work together and complement one another. Remote access is an important part of the infrastructure, and authorization provides a secondary layer for securing the network and the data that reside on it.
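
The three steps, combined with the PIN-and-token login and the 24-hour connection limit mentioned earlier, as an added Python example that is not part of the original chapter. The user jdoe, the PIN, the token seed, the action names and the function names are constructed for illustration, and modelling the token as an RFC 6238 time-based code is an assumption, since the chapter does not name a token type.

```python
import hashlib
import hmac
import struct

MAX_SESSION_SECONDS = 24 * 60 * 60  # close remote connections after 24 hours

def totp(secret: bytes, now: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 time-based code (HMAC-SHA1): the 'something you have' factor."""
    counter = struct.pack(">Q", int(now // step))
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def pin_hash(pin: str, salt: bytes) -> bytes:
    """Store only a salted, stretched hash of the 'something you know' factor."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

# Constructed sample directory and access control list (assumptions, not real data).
SALT = b"constructed-salt"
USERS = {"jdoe": {"pin": pin_hash("4821", SALT), "seed": b"constructed-token-seed"}}
ACL = {"jdoe": {"intranet:download"}}

def login(username: str, pin: str, token_code: str, now: float):
    """Identification, then two-factor authentication. Returns a session or None."""
    user = USERS.get(username)  # identification: the username must be known
    if user is None:
        return None
    # Evaluate both factors with constant-time comparisons before deciding.
    pin_ok = hmac.compare_digest(pin_hash(pin, SALT), user["pin"])
    token_ok = hmac.compare_digest(token_code.encode(), totp(user["seed"], now).encode())
    if not (pin_ok and token_ok):
        return None
    return {"user": username, "opened": now}

def authorize(session, action: str, now: float) -> bool:
    """Authorization: live session plus an ACL entry for this specific action."""
    if session is None or now - session["opened"] >= MAX_SESSION_SECONDS:
        return False  # unauthenticated, or the connection has outlived its limit
    return action in ACL.get(session["user"], set())
```

Authentication alone grants nothing here: every action is checked against the ACL, and a session older than 24 hours is refused even for an action the user is otherwise allowed to perform.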
