How to support all types of remote access scenarios including mobile users and devices
See how to put the “Secure” in Secure Remote Access Download
Remote access can expose enterprise networks to additional security risks. But as the desire for remote access increases, how can enterprises deliver the security they need without compromising on the obvious productivity gains?
With an increasing number of employees using remote access to corporate systems, security has become a big headache for IT teams.
User authentication and encrypted tunnels were adequate when only a handful of employees had remote access. Now that larger groups of users and a wider collection of devices require access from anywhere, enterprises must take more holistic approach to security.
Secure access in 3 dimensions
One way to do this is to consider security across three distinct dimensions:
The physical dimension
These security considerations include the client device, enterprise network and systems, apps or data. They also take into account the access gateway as well as any ‘downstream’ resources, such as cloud apps.
The logical dimension
Today’s security threats often bypass network-level protocols. Comprehensive protection should involve looking at higher levels of the computing stack. In particular, those that relate to individual apps, business logic or the data itself.
The functional dimension
Multi-vector threats demand multiple countermeasures. These include DDoS protection, data security and malware or advanced threat protection.
Extensive Security capabilities
To address each of these dimensions in the right way, enterprises need extensive security capabilities in three key areas:
1) Access Management
This gives IT teams granular control over which users and devices can access which resources under different operating conditions. Look for identity-based and dynamic access controls as well as centralised policy management. Aim to include secure tunnelling options and powerful proxies.
2) Security Management
A centralised system that simplifies the creation and administration of access policies will save time and effort for IT teams. A robust security management system will ensure users get a consistent set of access rules. At the same time, the enterprise can be sure nothing ‘slips through the cracks.’
3) Threat Protection
Threats target more than just active sessions. Some are designed to take down the remote access infrastructure itself. To deal with these potential attacks, ensure your solution includes network access control lists and a default-deny posture. Also look for multi-layer protocol validation and DDoS protection, plus security that covers SSL, DNS, data loss and malware.
Consolidating access and security management while mitigating security threats can become complex and costly. By consolidating all of these security demands onto a unified platform, such as Citrix NetScaler, enterprises can confidently offer remote access to all users.