Palo Alto Networks’ recent advice on controlling remote access tools in the enterprise was prompted by Google releasing a remote desktop control feature for Chrome, which also has the ability to be configured “to punch through the firewall.”
As Palo Alto Networks points out, the 2011 Verizon Data Breach Report showed that the initial penetrations in over 1/3 of the 900 incidents analyzed could be tracked to remote access errors.
Here are Palo Alto Networks’ recommendations:
- Learn which remote access tools are in use, who is using them and why.
- Establish a standard list of remote access tools for those who need them
- Establish a list of who should be allowed to use these tools.
- Document the usage guidelines, complete with ramifications of misuse and educate ALL users.
- Enforce the usage using traffic monitoring tools or better yet, a Palo Alto Networks next-generation firewall.