215-489-9718 support@carisma.net
Select Page

Remote Access Shouldn't Mean Giving Up on Security

Providing your team with options for Remote Access shouldn’t have to mean leaving your IT investments vulnerable. 

Letting employees access their business network from anywhere is a benefit not only to them but to your company. They’re able to log in when they’re needed, wherever they are. Setting up remote access means greater productivity, and done properly it doesn’t mean less security.

Password policies

The most important element of security is making sure employees have passwords that are hard to guess. Huge numbers of people use absurdly guessable passwords like “123456” and “password.” Passwords should be long, at least ten characters, and not consist of names or dictionary words.

When people leave the company, you need to revoke their accounts promptly. Even if they aren’t out for revenge, someone could find their passwords while cleaning out their desks.

VPNs and WANs

A virtual private network (VPN) lets remote users access internal services securely. All data is sent encrypted in both directions, so no one can eavesdrop or tamper with the data. Users just need to install a VPN client and set up an account.

A wide-area network (WAN) is more appropriate when a business has more than one branch. Computers at the remote branch are permanently connected to the network, as if they were in the same building. Setting one up is more work than a VPN, but it will greatly improve communication.

Two-factor authentication

Passwords are subject to theft and guessing. Requiring a second form of authentication makes systems more secure. A popular form of two-factor authentication is a a one-time SMS passcode. Intruders who grab a password will also need to intercept the passcode to break in.

Biometric scanning for eye or fingerprint patterns is another way to do two-factor authentication. Requiring a USB key or similar device is a more elaborate approach, but it’s very helpful where security is critical.

Single sign-on

If a business has multiple systems, it can make access simpler with a single sign-on system. Logging in once grants access to all systems for which the user is authorized. This can actually increase security if the focus is on making that sign-on as safe as possible. Employees need just one strong password, preferably with two-factor authentication, rather than a long list of passwords for different services.

Single sign-on is a two-edged sword. A weak system lets intruders access everything if they do get in. You’ve got to combine it with a strong password policy and conservative role management. Users should have access only to the systems they need to use.

Getting it right

Security is a matter not just of technology, but of management and training. For VPNs and password policies to keep intruders out, you need to manage them properly. Talk to our team about how we can help you to set up a network with convenient and secure remote access.