Call us on 0808 500 1436

Remote access: a fresh opportunity for hackers?

As we all remember, in May 2017 NHS England fell victim to a vast global cyber attack; the WannaCry virus. The ransomware attack encrypted hundreds of sensitive files, hitting 48 NHS England trusts — one in five across the country.

And, according to the ECRI Institute’s annual Top 10 Health Technology Hazards for 2019, remote access systems are now the biggest security threat to the healthcare industry.

Worryingly, the report also explains that once hackers gain access to remote systems, they can move around the healthcare network, install ransomware, steal or encrypt data, or hijack computer resources.

But it’s not just the healthcare sector that’s at risk — with a greater number of businesses encouraging a digital workplace, BYOD and remote working, it has never been more important to ensure you have robust safeguarding processes against all your remote access points.

Why are remote access systems more vulnerable?

Remote access software allows a computer’s desktop environment to be run remotely on one system while being displayed on a separate client device.

Such systems are incredibly useful if you’re a future-focused business running a digital workplace with enhanced mobility for your workforce. Nevertheless, remote access systems are a common hacking target because they are, by nature, remotely accessible.

With so many devices remotely connecting to your network, there’s more exposure than ever to security threats of varying sophistication.

There are several ways hackers can gain access to a network using these systems. These include lack of intrusion or threat detection, poor governance for installing remote access software, and weak remote access account passwords.

How can businesses protect themselves?

Despite the threats, the risks around remote access are not to be feared — there are tactics business can deploy to ensure their access points are fully-protected.

There are two important aspects to securing your remote access systems. Firstly, you need robust access rights and layers of protection that safeguard your core information and most valuable data. You also need safeguarding technologies that identify, protect, and monitor all remote access points.

Touch Secure, for example, is a cloud-based Security as a Service (SECaaS) with 24×7 x 365 proactive monitoring, immediate intrusion detection and threat response using advanced detection techniques. It also sits on the G-Cloud 10 framework, so it’s ideal for public sector bodies like the NHS.

Share an effective remote access policy

Secondly, a reliable cloud-based security technology must go hand in hand with an up-to-date and well-circulated remote access policy for your IT team and the rest of your staff.

Such a document will ensure you (and they) are adhering to recommended cybersecurity practices, instituting a strong password policy, maintaining and patching your systems, and routinely logging system access.

As well as outlining issues such as using strong passwords, listing unauthorised sites and explaining how to manage suspicious emails, your remote access policy should address the following areas:

  • Ensuring remote devices have the latest anti-malware and updated operating systems
  • Assessing whether devices can be used for personal business
  • Are devices connected to a Local Area Network (LAN), Virtual Private Network (VPN), or other service?
  • Whether the employee can store sensitive information on the device
  • Are devices adequately protected?

It’s perfectly possible, therefore, to allow your workers to remain proactive when working away from the office, whilst ensuring your core information and systems are protected.

With a managed security solution like Touch Secure, coupled with a thoughtful and well-disseminated remote access policy, your entire business will be entirely protected from the inside, as well as from the out.

Up next

Your business doesn’t understand email security — 4 ways to tackle it

As an IT professional, no doubt you’re familiar with the ongoing security risks with business email, but the remainder of your business might not be. Despite rumours to the contrary, email is still an incredibly popular form of corporate communication. But, with one in every 100 emails disguising a hacking attempt and the majority of workers unfamiliar with the security flaws of emails, organisations must be extra vigilant to the risks.

We’re seeing an influx of SAML-based SSO business collaboration tools like Slack, yet a huge amount of sensitive information is still shared via email. And, to the majority of your workforce, email is perceived as the most trusted, secure and reliable mode of communication. Despite this, when it comes to securing email communications, many organisations tend to rely on legacy, rule-based security platforms.

Here’s what your staff may not be on the lookout for, and how to keep your internal and external email services secure:

Phishing attempts

Does your whole workforce know what a phishing attempt is, and what to look for?

With phishing, the goal of the perpetrator is to fool the recipient into providing personal information. To you, the signs may be obvious, but this may not be the case for less technical staff members. Preying on the least vigilant, the hacker’s job is made far easier when the staff member is blind to the key signs of a ‘phishy’ email. And this could be anyone from members of the C-suite to your summer interns.

The simplest solution? Run regular (and thorough) phishing vigilance workshops to educate all your staff. If your business has a high staff turnover, once a year is probably not often enough.

In your training, provide multiple visual examples. Explain never to pass over sensitive usernames, passwords, internal information or credit card numbers. It’s worth also outlining that some phishing emails are incredibly realistic, trying to hoax users into believing that their business account, password, or credit card has been compromised, directing them to a fake site.

Ensure your staff know who to contact — and not what to do — if they suspect a phishing attempt.

Viruses

Your staff may have heard of a Trojan, but do they know when and how they may be at risk?

Although ransomware, Trojans and worms can originate from a number of external sources, most malicious viruses can find the way into business systems through your workers’ email attachments and compromised links.

Most viruses are activated when your users open an attachment or clicks a link, but if your email client allows scripting, they can receive this virus by simply opening a message. But, how can your staff be aware of suspicious content before they’ve even opened their mail?

As you probably know, the safest way to view email messages is in plain text. Yet not all your staff will be prepared to change their view settings for security reasons. In that case, it’s essential that your email security software has next-generation firewalls and robust email filtering to catch such emails at the source. This should include antispam and antivirus services which examine your emails, searching for and removing viruses, Trojans and worms.

Email hacking

Sophisticated hacks can be incredibly tricky for your operational staff to spot, particularly if they’re expecting communication from a real businesses that’s used as a spoof.

In 2017, there was a huge surge in the number of email intercept fraud cases. In many cases, criminals hacked into real accounts and emailed their customers, masquerading as an employee from that business. As you know, these threats are evolving in sophistication and emerging every day.

“Email hacking due to increased use of web-based mail applications and a lack of basic security controls amongst SMEs will lead to a huge increase in social engineering scams. Cyber criminals will craft increasingly convincing emails to con unwitting recipients into transferring funds directly into the criminals’ bank accounts.”

Graeme Newman, chief innovation officer at CFC Underwriting

So, what is the best solution from a technical position? Ensure your managed or internal security solution has a sandboxing feature.

There are dozens of new email threats that appear every single day, many not yet discovered by email filters. Whilst traditional inbound email filters scan for known malicious senders, URLs and file types, sandboxing ensures any email that passes the filter containing unknown components can be tested before they reach your network or mail server.

The sandbox must be a secure, virtual environment that accurately emulates the CPU of your production servers.

Misaddressed emails

To your staff, it’s just an innocent typo. To your business, it could generate a mission-critical data breach.

Your business doesn’t understand email security — 4 ways to tackle itAccording to IBM, 95% of all security incidents and data breaches involve some level of human error. This can be as simple as an address typing error, which then puts sensitive information directly in the hands of a perpetrator.

In fact, misaddressed email was one of the biggest forms of data loss, last year. Such data breaches — those that are a result of human error — are unhostile and unmalicious. But if anything, this makes them harder to prevent, and the consequences can be just as catastrophic as an external hack.

A misaddressed email can be blamed on any number of factors, including human laziness and email autocomplete gone awry. You can, firstly, impress upon your staff the importance of re-reading and confirming their send addresses. But on top of this, consider the strength of protection against accidental misuse in your security solution.

For example, Touch Secure, Intercity Technology’s managed, cloud-based Security as a Service (SECaaS), has layers of security between end users and the Internet, protecting against accidental misuse by external and internal agents.

The answer? Education and technology.

Despite the increased risks, email will continue as a popular form of business communication for many years to come. And it will continue to be trusted and relied upon by all your workforce.

So, ensure you have regular and thorough staff education. Advise your email users:

  • Never to open anything that is attached to an email message, or send over critical information, unless they recognise the sender and the contents of the file.
  • If they receive an attachment from a familiar email address, but were not expecting it, they should contact the sender before opening the attachment.
  • If they receive a message from an unknown user with an attachment, they should just delete the message.

Secondly, it’s imperative to keep your email security services up-to-date and ensure they are up to the task. If your business is lacking a set of reliable internal security controls, why not work with a trusted a third-party security provider insead?

For example, Touch Secure is a managed, next-generation SECaaS which provides control over all your IT applications and email services. It includes sandboxing features, robust intrusion protection as well as traditional firewall features, and anti-spam filters.

So, as an IT professional, you may be fully-aware of the high-profile risks associated with emails, but don’t assume your staff are as up-to-speed. You may never entirely eliminate the risks of email security, but with internal education as well as cloud-based SECaaS, you will cover as many bases as possible.

Subscribe to our thinking