How have COVID-19 attacks on digital security evolved?
Remote access technologies and the risks involved
You need to consider some risks associated with this increase in remote connectivity. To do this, we present a sample of the easiest remote accesses to put in place. These models represent only a sample; each organization must consider its risks before deciding which one to apply. It is also important to take these models into account for vulnerability management. Mainly to exercise automation more effectively.
The simplest and least secure access method is Microsoft’s Remote Desktop Protocol (RDP). This protocol exposes your network to the Internet. It is a practice that is widely used worldwide by many Incident Response companies. However, more mature organizations prohibit direct access through appropriate firewall restrictions and settings.
Another of the most common implementations that we find for companies is a VPN solution. We see organizations put in place this tool to provide greater access to the inner network. There are two types of usable VPNs: Split Tunnel and Full Tunnel.
In the Full Tunnel, receiving and transmitting data goes through the VPN connection. This connection goes between the computer and the network or server to which it connects. Split Tunnel, configuration transmits only certain data through the VPN. This way, we can filter the most confidential information so that it goes only through the VPN. Yet, less relevant information or data would don’t go through the tunnel.
Having a split tunnel offers a couple of advantages, such as faster and more efficient service. Because the VPN bandwidth only works for sensitive data. Furthermore, confidential data can be completely segregated from internet traffic.
Given the significant increase in recent remote work, companies with full tunnels are migrating to split ones. Keep in mind that this technology is difficult to put in place for automation.
The latest emerging remote access model is the Zero Trust. This model uses an identity provider to grant access to applications. This determines authorization rights based on both the user and the device. Common authorization rights include device and user identity checks. The origin of the login and user functions are also evaluated. While some organizations use this model, many continue using VPN access as a backup.
The importance of automation for vulnerability management
The best solution for automation
For vulnerability automation, our recommendation is Rapid7’s InsightVM. Your automation processes for patching, for example, use the automation assistance system. This tool enables the least necessary human interaction within the automated workflow. InsightVM allows you to automate workflows for assets or vulnerabilities.
Rapid7’s InsightVM is an automated solution to help improve the efficiency of patching. Besides, it addresses all the steps in the vulnerability risk management process. InsightVM can provide clarity on risks, the influence of security, and see multiple progress. All this reduces risk throughout your organization.
If you want more information about this tool, do not hesitate to contact us. At GB Advisors we offer the best solutions on the market. We offer you a team of professionals ready to advise you on your way to a more efficient IT environment.