Do you currently have remote access to your network, from anywhere you need it? Are you using Remote Desktop Protocol (RDP) or Remote Desktop Connection (RDC) as the means for such remote access?
If you answered yes to both of these questions, then you need to understand that you are utilizing the most insecure method of remote access available. It is common knowledge in the Information Technology and Information Security industries that RDP or RDC, as they are called, are the most commonly hacked protocols to date. These technologies rely on a single point of security – user credentials.
Granted a securely configured firewall can limit which public IPs have access to this protocol from outside of the Organization. However, it has been my experience that most Small and Medium Businesses, or SMBs as they are commonly called, do not have a rock solid, properly configured firewall at the edge of their network. Many use the firewall capabilities built into their ISP provided modem.
So what, you may ask? What does this mean to you?
By utilizing these technologies, you are gambling that your password is the most secure password out there. From my experience, the majority of users do not have secure passwords. Many use the word “password” somewhere in their password. Others use other words contained within the Dictionary, opening you up to a Rainbow attack; where a hacking script tries all words in the Dictionary to gain unauthorized access to your network. Many users have a password less than 8 characters long, or their password does not contain at least 1 uppercase, 1 lowercase, 1 number, and 1 symbol. Thus relying on credentials as your singular point of security is not only foolish, it is incredibly irresponsible of the “Professional” that configured this for you.
So what is the best answer, without hindering your ability to do business from anywhere in the world?
A true Virtual Private Network or VPN connection that is handled by your firewall. A true firewall based VPN utilizes a multi layered approach to secure remote access. A properly configured VPN connection has the following attributes:
First, the configurations of the VPN connection encrypt all traffic passed between your mobile device/computer and the firewall.
Second, the client application on your laptop must be pre-configured to know how to connect with your Corporate firewall.
Thirdly, the connection between your mobile device/computer and the firewall uses a secure channel for communication.
Fourthly, you must authenticate with the firewall using your unique credentials.
Cisco® is well known as the most robust, and the best in terms of Network equipment. Name a competitor and you can rest assured they are working hard to compete with the results that Cisco® has repeatedly delivered, time and again; or they are cutting corners on hardware to undercut Cisco®. As the old adage goes, “You get what you pay for”; which is incredibly accurate when discussing networking hardware and the Professional you hire.
Why 24×7 Protect IT?
To keep it simple, the Professionals at 24×7 Protect IT dedicate a significant amount of their weekly schedules to continuing education. We are constantly researching, learning, growing as humans, and are focused on providing our clients with the solutions they never knew they needed. We are at the forefront of helping SMBs do business securely. Several years ago, I decided to go back to college and to pursue a degree and education in Business Administration – Information Security. It became abundantly clear to me, several years ago, that as an IT Professional it is not enough that we help SMBs do business. We need to help SMBs do business in the most secure manner possible, without affecting the organization’s ability to do business. This is the art, behind the science of IT.
So what are you waiting for? Is now not the time to put over 21 years of IT experience in helping SMBs, all the way down to their end users, do business more securely? Do you not owe this to your customers, whom have entrusted you with their very sensitive non-public information?
Call us today at (678) 606-0018 or contact us and a Professional will be happy to help you!
Paul J. Chrisco
Information Technology Professional