Inside the Briefcase

Augmented Reality Analytics: Transforming Data Visualization

Augmented Reality Analytics: Transforming Data Visualization

Tweet Augmented reality is transforming how data is visualized... Membership! Membership!

Tweet Register as an member to unlock exclusive...

Women in Tech Boston

Women in Tech Boston

Hear from an industry analyst and a Fortinet customer...

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

In this interview, JumpCloud’s Antoine Jebara, co-founder and GM...

Tips And Tricks On Getting The Most Out of VPN Services

Tips And Tricks On Getting The Most Out of VPN Services

In the wake of restrictions in access to certain...

Ensuring the Security of Your Remote Access Solution

August 24, 2022 No Comments

By Ben May, Head of Cybersecurity, RealVNC

Remote access solutions are key to developing a successful, efficient work environment for your organization. RealVNC’s remote access product, VNC Connect, is designed for organizations demanding strong security, resilience and peace of mind.

VNC Connect is built on four core security tenets that are intended to provide assurance to our customers that the solution is secure by design:

  • – You don’t have to trust RealVNC as a company to trust our software and services
  • – We do not record your sessions, and data cannot be decrypted now or in the future
  • – Every connection is treated as though it is made in a hostile environment
  • – The owner of the remote computer ultimately decides who is able to connect

How can you ensure your remote access solution is secure? In addition to the four tenets above, RealVNC has outlined five easy steps you can take to ensure security.

Verify Encryption

Encryption should be the absolute baseline when considering a remote access solution. Most remote access solutions are secure straight out of the box. It’s not just about checking the box for encryption, but asking the vendor deeper questions about how encrypted the solution is. Good questions to start with are: What area of the software is encrypted? What type of encryption does each area have?

You want remote access software to be end-to-end encrypted, creating a tunnel from one client to the other. When it comes to data, you should know how and where data is stored. VNC Connect is built on treating every connection as though it’s being made in a hostile environment. If a connection can be intercepted, can it also be viewed or modified?

Configure Secure Authentication

When it comes to authentication, people are often the weakest link–whether because they use the same password for every site that requires a username and password, decline two factor authentication or share passwords far and wide. When considering a remote access provider, ask how authentication works.

Layering authentication also makes things more secure. Usernames and passwords are fine, but the best line of defense is enabling multi-factor authentication, which leads to an approval prompt with each log-in attempt, controlling who has access to software.

Single sign-on authentication is newly available in VNC Connect, meaning users don’t need to remember multiple usernames and passwords–they can have a single sign-on, allowing staff to easily manage password policies

Authentication serves as a safeguard against people being human, allowing remote computer owners to ultimately decide who is able to connect and what permissions they will have. Consider what might happen if your remote access vendor is compromised–will your systems be compromised?

Use Cloud-Brokered Connections to Non-Private Network

Cloud-brokered connections are third-party intermediaries between buyers and sellers of cloud computing services, such as VNC Connect, which enhance the security of your remote access solution. When using a remote access solution and a cloud-brokered connection, the server is on the internet, but instead of opening firewalls, the connection is outbound, enabling connections without placing your server on the internet.

With VNC Connect, you can configure the solution to meet your company’s needs, such as having different authentication options on your account. Cloud-brokered connections benefit from direct access availability. Cloud-brokered connections enable you to remove your fingerprint from the internet, cutting down on the discoverability of your server when it’s being accessed remotely.

Enforce Strong Policies

With remote access solutions, it’s important to enforce strong policies around who has access and specifically what software they have access to. It benefits your company to enforce these policies, preventing users from changing configurations.

Staff should be trained on policies to understand how solutions work and the expectations around using that solution. Staff should be well informed about what they can and can’t do on company machines and ask questions if they need access to something they don’t currently have permission for. It’s wise to have policies around installing remote access software on personal devices–doing so can open the company up to vulnerabilities that otherwise could have been avoided. IT teams should be aware of what software is installed on company machines.

Audits should be conducted regularly because, in the event of a security breach, knowing who connected to which machines and what data they obtained will be crucial to ending the breach as quickly as possible. Some remote access providers even record sessions, so they know exactly what the bad actor was able to access.

Ask for Independent Validation of Vendor Security Claims

Vendor transparency should be taken into account when deciding which vendor to select. Security audits, such as annual penetration tests, are usually done for compliance reasons and scoped to specific areas, rather than looking at the solution as a whole.

RealVNC has gone beyond basic penetration tests by completing a full white box audit with Berlin, Germany-based IT security consultancy Cure53. The audit gave Cure53’s team access to every single component of RealVNC and VNC Connect, including a direct line to its developers, to ensure the security of the product. Asking vendors for proof of this type of audit allows them to prove, without a doubt, the security of their products and solutions.

Keep in mind that remote access software is very powerful; it can bypass any security measures your company may already have in place, such as firewalls. Installing software with vulnerabilities may impact or compromise your company’s machines.

By being transparent about its security levels, RealVNC is saying to the industry as a whole that every remote access company should hold itself to these high standards. You should be asking vendors how secure they are and asking them to prove it.

By implementing these five steps around your chosen remote access solution, you can truly ensure you have chosen the right, most secure system for your company.

Ben May, Head of Cybersecurity, RealVNC

Sorry, the comment form is closed at this time.