1 / 10

Remote Access Tools Policy

Remote Access Tools Policy. John Jarocki May 2010 GIAC GSEC, GCIA, GCIH, GCFW, GPEN. Objective. Define Remote Access Tools List benefits Describe risks Explain why a policy is needed Provide policy guidance. What are remote access tools?.

hedda
Download Presentation

Remote Access Tools Policy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Remote Access Tools Policy John Jarocki May 2010 GIAC GSEC, GCIA, GCIH, GCFW, GPEN SANS Technology Institute - Candidate for Master of Science Degree

  2. Objective • Define Remote Access Tools • List benefits • Describe risks • Explain why a policy is needed • Provide policy guidance SANS Technology Institute - Candidate for Master of Science Degree

  3. What are remote access tools? • Remote Access is “the ability to access your computer from a remote location,” and “the ability to control the machine once the connection is made.” • Source: TechTerms.com • Examples: • VNC (Virtual Network Computing) • Windows Remote Desktop • GoToMyPC • LogMeIn • WebEx SANS Technology Institute - Candidate for Master of Science Degree

  4. Remote access value Benefits: • Money saved on commuting • Remote access to jobs in progress • Real-time team collaboration • 24x7 Tech support SANS Technology Institute - Candidate for Master of Science Degree

  5. Remote access risks Risks: • Unauthorized access • Malware • Data theft • Compliance • Transitive trust SANS Technology Institute - Candidate for Master of Science Degree

  6. More subtle risks • Several remote access tools have known vulnerabilities or even just “features” users are not aware of • Securing them properly requires careful control of versions and configuration • Let’s look at VNC in more detail... SANS Technology Institute - Candidate for Master of Science Degree

  7. VNCVirtual Network Computing • Originally created at Olivetti Research Labs • Security concerns: • Older and free versions do not encrypt data • Weak password hash and challenge-response • Various vulnerabilities exist • Recommendations: • Use Enterprise version, ssvnc, or wrappers SANS Technology Institute - Candidate for Master of Science Degree

  8. Why do we need a remote access tools policy? • The benefits are obvious, but the policy should clarify the risks • Users are bombarded with ads for the “latest, greatest” tools • Guidelines can educate and empower SANS Technology Institute - Candidate for Master of Science Degree

  9. Policy recommendations • The policy should provide a set of requirements for acceptable remote access tools • Multi-factor authentication • Replay attack defense • Strong encryption • Configuration and reporting SANS Technology Institute - Candidate for Master of Science Degree

  10. Summary • Remote access tools have many benefits • But poorly implemented, they add risk • The policy should: • Define acceptable use • Discuss the cost / benefit equation • Provide guidance and clarification SANS Technology Institute - Candidate for Master of Science Degree

More Related