Comparing 4 Remote Access Paradigms for Supporting Today’s Remote Work Requirements and Risks

Webinar Registration

Remote access is nothing new but the old technologies do not fill today’s remote work requirements nor address today's risks. In this real training for free event, I will compare and contrast the three traditional remote access technologies:

  • VPN
  • Direct Access
  • Remote Virtual Desktop

I will show why these do not fit the needs of today’s multi-form factor BYOD environment and, more importantly, their risks.

Then I will look at more modern remote access technologies:

  • Web application security and remote access
  • Granular remote access to CLI and GUI

These newer remote access technologies are doing more than just forwarding inbound connections on a given port or federating authentication to a web application. Modern remote access technologies are an intelligent but largely transparent interface between the remote user and the delivered resource. Modern remote access does more than just provide a strongly authenticated session to a published resource. Instead you can implement much more granular security policies to carefully limit which areas of an application the user can access or which commands they can run from the CLI.

At this point, Chris Widstrom and Nick Hunter, from our sponsor, Thycotic, will take over and show that when you trust out-of-the-box RBAC controls, you’re still not implementing least privilege. Here are just two scenarios where risks remain because privilege controls could not limit the actions of a privileged user: 

  1. Web applications will typically give you the ability to define roles and groups and assign a standard set of privileges that limit what every user and/or group can do within an application. It’s blindly assumed this is enough because it worked for traditional applications, so why wouldn’t it work for web applications?
  2. Most operating systems have implemented a great deal of RBAC controls, especially over the last 3-5 years, that address everything from application privilege elevation controls to removing local admin accounts and forbidding the use of direct root access to NIX servers. However, organizations still blindly trust admins with SSH access that provides them with elevated privileges. Some controls are in place to monitor and audit SSH activity, but they typically lack ability to control precisely what commands can be run.

Please join us for this real training for free session.

First Name:   
Last Name:   
Work Email:  
Phone:  
Job Title:  
Organization:  
Country:    
City:  
State:  
Zip/Postal Code:  
Industry:  
Company Size:
 

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us.

 

 

Additional Resources