Security Is Often a Weak Link of Remote Access
In April 2020, just as millions of office workers began working from home (WFH), Cato conducted the “Enterprise Readiness to Support Widespread Work-from-Anywhere” survey on how prepared enterprises were to support remote work. In sampling nearly 700 organizations, Cato found that nearly two-thirds of respondents (62%) had seen remote access traffic at least double since the outbreak, and more than a quarter (27%) had seen remote access traffic triple.
Of critical concern is how enterprises enforce security policies on their expanded remote workforces. The survey found that most respondents fail to employ at least one key measure needed for enterprise-grade security:
- Multi-factor authentication (MFA) for validating user identity,
- Intrusion Prevention for identifying network-based attacks, or
- Antimalware for preventing threats posed by malicious content.
While MFA has become standard even among consumers, more than a third (37%) of respondents don’t use MFA when admitting remote users, instead relying on single sign-on (SSO) or username and password. As for preventing attacks, more than half of respondents (55%) fail to employ Intrusion Prevention or antimalware. Even worse, 11% do not inspect traffic at all.
Used by 64% of the survey respondents, VPN servers are the dominant point solution for enabling remote access. While VPNs provide traffic encryption and user authentication, they are a security risk because they grant access to the entire network, with no option to restrict individual users to specific resources. There is also no scrutiny of the security posture of the connecting device, which could allow malware to enter the network. What’s more, stolen VPN credentials have been implicated in several high-profile data breaches. By using legitimate credentials and connecting through a VPN, attackers were able to infiltrate and move freely through targeted company networks.