As we all remember, in May 2017 NHS England fell victim to a vast global cyber attack; the WannaCry virus. The ransomware attack encrypted hundreds of sensitive files, hitting 48 NHS England trusts — one in five across the country.
Worryingly, the report also explains that once hackers gain access to remote systems, they can move around the healthcare network, install ransomware, steal or encrypt data, or hijack computer resources.
Remote access software allows a computer’s desktop environment to be run remotely on one system while being displayed on a separate client device.
Such systems are incredibly useful if you’re a future-focused business running a digital workplace with enhanced mobility for your workforce. Nevertheless, remote access systems are a common hacking target because they are, by nature, remotely accessible.
With so many devices remotely connecting to your network, there’s more exposure than ever to security threats of varying sophistication.
There are several ways hackers can gain access to a network using these systems. These include lack of intrusion or threat detection, poor governance for installing remote access software, and weak remote access account passwords.
How can businesses protect themselves?
Despite the threats, the risks around remote access are not to be feared — there are tactics business can deploy to ensure their access points are fully-protected.
There are two important aspects to securing your remote access systems. Firstly, you need robust access rights and layers of protection that safeguard your core information and most valuable data. You also need safeguarding technologies that identify, protect, and monitor all remote access points.
Touch Secure, for example, is a cloud-based Security as a Service (SECaaS) with 24x7 x 365 proactive monitoring, immediate intrusion detection and threat response using advanced detection techniques. It also sits on the G-Cloud 10 framework, so it’s ideal for public sector bodies like the NHS.
Share an effective remote access policy
Secondly, a reliable cloud-based security technology must go hand in hand with an up-to-date and well-circulated remote access policy for your IT team and the rest of your staff.
Such a document will ensure you (and they) are adhering to recommended cybersecurity practices, instituting a strong password policy, maintaining and patching your systems, and routinely logging system access.
As well as outlining issues such as using strong passwords, listing unauthorised sites and explaining how to manage suspicious emails, your remote access policy should address the following areas:
Ensuring remote devices have the latest anti-malware and updated operating systems
Assessing whether devices can be used for personal business
Are devices connected to a Local Area Network (LAN), Virtual Private Network (VPN), or other service?
Whether the employee can store sensitive information on the device
Are devices adequately protected?
It’s perfectly possible, therefore, to allow your workers to remain proactive when working away from the office, whilst ensuring your core information and systems are protected.