Network and security administrators sometimes evoke images of the Little Dutch Boy from Hans Brinker, who stuck his finger in the dike to plug a leak, except that for network and security administrators, every time they plug one leak a new one springs up. They implement file attachment filters and antivirus scanning on the corporate email servers, only to have users access web-based email like Hotmail and sidestep the security. Every time administrators think they have the network locked down, some other method of entry pops up: instant messaging, wireless devices, USB hard drives, etc.
Some of these things can be eliminated through firewall or content filtering rules to deny users access to sites that pose a potential security risk. Other things are harder to control except through strict policies and procedures specifically prohibiting certain actions or technologies from the company network and then monitoring and policing to enforce compliance.
Many companies have already addressed the issue of wireless device security. Initially, many companies and individuals jumped onto the wireless networking bandwagon for the convenience of being able to wander untethered by network cables or to deploy more workstations without having to run network wiring through the walls and ceiling. However, many of those wireless networks used no security whatsoever, and the ones that did used WEP encryption, which proved to be barely better than having no security. This is still a serious problem for many wireless networks, but wireless security has improved drastically.
Douglas Schweitzer, author of Incident Response and columnist for Processor.com, says, “There's no denying that wireless networks can help to increase worker productivity and often produce a considerable ROI for organizations with large, mobile workforces. However, it is important to note that there are significant risks involved from any unprotected wireless network. To mitigate these risks, organizations interested in deploying wireless networks should consider a defense-in-depth (layered approach) to security that involves both procedural and physical components such as policies and intrusion detection/prevention. Used in conjunction with firewall and anti-virus, network security administrators can successfully lock down their wireless networks.”
So now we come to the administrator with all 10 fingers already occupied plugging different holes in the dike (malware, spam, denial-of-service attacks, USB devices, web-based email, etc.) and thinking that the network is relatively secure, when along comes remote access.
Whether it’s a business partner that needs remote access to the company network in order to facilitate work or company employees or executives that need to access the company network from their home computers in order to remain productive during “off” hours, remote access can create a number of security risks for your otherwise secure network.