An IDSA study found that 79% of enterprises have suffered an identity-related breach. At ManageEngine, we understand how important identities are to the overall security posture of an organization. That’s why this Identity Security Week, we’re offering a series of blogs to spread awareness about the importance of identity security and what simple measures can help improve the security of your organization.
Let’s kick off the series with a trending topic—remote work. Today’s enterprises are focusing on how to keep all hands on deck—at least virtually. Whether partially through a hybrid work model or with a complete work-from-home system, remote work is here to stay.
Extending access to enterprise resources from remote sources requires additional measures to uphold access security without compromising on the user experience. While most enterprises get the basics down—VPN, RDP, and ports—the finer details are often missed.
Fortifying remote enterprise endpoints
A report by Nuspire indicates that VPN attacks exploiting vulnerabilities in Fortinet’s SSL-VPN and Pulse Connect Secure VPN increased by nearly 2,000% in 2021. Using these attacks, threat actors were able to exfiltrate information and deploy ransomware in many organizations.
Proper authentication systems must be in place to secure access to the network. Remote login processes need to be as secure as if not more so than local login processes. Implementing MFA and ensuring all possible entry points are protected are also key. For example, while protecting remote desktop logins, authentication must be escalated for remote login attempts both originating from targeted machines and targeting these machines. Additionally, opting for advanced authenticators such as biometrics and hardware keys ensures a stringent yet convenient identity verification process.
Optimizing remote password management
User experience is key to improving productivity. When working away from the office, employees can face hiccups in accessing corporate resources. Without straightforward access to the help desk, password-related incidents like forgotten passwords and lockouts can disturb the remote employees’ workflow.
Empowering remote users to reset or change their passwords from their devices helps ensure security without affecting productivity. An automated email or SMS notification system ensures that even VPN users who can’t receive domain notifications are kept in the loop about impending password expiration. A self-service password reset solution with cached credentials update capabilities helps remote users manage their passwords without disrupting their workflow.
Our solution to your remote work needs
A fine-grained and holistic solution that covers all these bases is instrumental in creating a successful remote-work model. ManageEngine ADSelfService Plus checks all the boxes of remote work enablement. It offers a three-level MFA for VPN, RDP, and OWA logins; self-service password management from mobile devices; remote cached credentials update; and password expiration notifications.
Download a free, 30-day trial of the solution to see how it can bolster your remote-work system.
Next in the series – Password attacks: How to combat them.