By Michael Oldham
Fourteen companies – including tech giants IBM, AT&T and Verizon – pulled out of the RSA Conference in San Francisco last month due to fears around the spread of the Coronavirus known as COVID-19. For the same reason, Salesforce converted its World Tour event scheduled for Sydney, Australia, to a virtual event only.
Several other organizations have flat-out cancelled their events, according to TechRepublic – the Game Developers Conference, F5 Agility 2020, Facebook F8 Global Developer Conference, the Google News Initiative Summit, HIMSS and Cisco Live Melbourne, just to name a few. Governments around the world are now banning large public gatherings and advising those possibly exposed to COVID-19 to submit to a “voluntary self-quarantine.”
This isn’t the first time that global health or public security concerns have prompted such drastic steps – there was the H1N1 pandemic in 2009, the SARS epidemic in 2003, and the 9/11 attacks of 2001.
Each time, businesses were forced to reexamine their business continuity strategies within the context of their existing infrastructure and the global slowdown of the normal ways of doing business. Each time, those strategies were found to be wanting. And each time, too many organizations didn’t pay close enough attention to adequately prepare for the next global disruption of their business.
Today, more than half of companies around the world don’t have any business continuity plans in place to deal with emergencies such as the COVID-19 outbreak. Of those that do, 92% are planning to have their employees work remotely.
The good news is that today there are better options to more securely ensure the continuity of your business operations, especially when it comes to remote access. Total Access Control from PortSys securely delivers the same rich experience your remote users expect, through a browser on any device. More on that later.
Consequences of Coronavirus for Continuity
As with previous global health epidemics, Coronavirus is already demonstrating the power it can have to upset the interconnectedness of our business world. With the number of Coronavirus victims worldwide rapidly growing, many businesses will need to support employees who work from home for 14 days – the length of the incubation period for the coronavirus.
While these voluntary self-quarantines get all the media coverage, previous outbreaks also resulted in school and childcare provider closures, requiring large numbers of employees to work from home. “Social distancing” – where workplaces proactively take steps to increase the space between employees and decrease their frequency of contact – also comes into play.
Any or all of these disruptive factors can lead to significant losses in revenue, customers, or for some essential services, even government fines. So an outbreak like Coronavirus has the potential to not only damage a company’s reputation, but seriously hurt its bottom line as well. In a worst-case scenario, the World Health Organization estimates annual economic losses from the global spread of a serious infectious disease could be more than $500 billion.
So how do you know if your organization can sustain operations if half of your staff must work remotely for two weeks or even two months? If you haven’t recently performed real-time testing with large numbers of your employees, you honestly don’t know if your infrastructure is going to be able to absorb such highly elevated levels of remote access required in the event of an outbreak like the Coronavirus.
All too often in past crises, business continuity plans relied heavily on using RDP or adding more VPN connections to handle a short-term volume of remote access. While that may have worked years ago, the explosion of cyberthreats makes that an unwise gamble at best, and a connectivity catastrophe at worse.
Perils of Protecting a Perimeterless World
In today’s perimiterless world, hackers constantly probe your attack surface for openings to execute malware, ransomware, phishing and brute force attacks, business email compromises and other advanced persistent threats.
To allow for all those various access points, traditionally IT teams have put holes (or open ports) in their firewalls. These holes are often protected simply by username and password credentials. And that’s just not enough.
The archaic perimeter defense schemes of yesteryear – frighteningly – are still being used by many organizations today. When an attacker uses valid credentials to attack remotely, they flow right by those legacy perimeter defenses to the soft and gooey middle of your infrastructure. From there they have minimal hurdles to clear, because the assets they are after are directly available – or they simply need to crack the passwords on them, too.
Consider the GoldBrute attack last year that successfully penetrated millions of Windows RDP servers through open ports. Next were ransomware attacks targeting managed service providers and the BlueKeep RDP vulnerability that affected a few million systems across the web, both still hanging around with the potential to spread their pain even further. Then just last month came the report of Iranian hackers exploiting VPN bugs as soon as they become public to launch backdoor attacks on business servers around the world.
These attacks allow hackers to get inside the critical infrastructure of organizations around the globe and wreak havoc. Sadly, the open ports needed for RDP and VPN to connect remote users to your infrastructure are way too easy for hackers to scan for with automated tools, even if you don’t use standard port numbers.
Most organizations do not have enough resources – financial, staffing and technical – or agile processes in place to accomplish a sudden increase in remote access requirements. Even if you think you do, with so many attack vectors emerging every day, you will lose eventually. Especially the more urgent it becomes to ramp up the volume of remote access quickly so your employees can get their jobs done.
More Secure Approach to Remote Access
So what should you do? This week, we notified our PortSys customers that they have the option of rapidly – and securely – increasing the volume of remote access over the short term with Total Access Control (TAC) at a significantly lower price. Once the crisis has passed, our customers can then return to their usual levels of remote access.
Our reverse proxy solution sits between your remote users and the resources they wish to access. We use robust security controls based on your remote user’s context of access to determine who should get access to what within your organization. These controls adhere to your organization’s own security policies before determining whether to permit remote access to your proprietary resources.
Since TAC proxies your remote connections, they are no longer made public, which means automated scans won’t find any open ports in the usual places. Hackers can’t attack what they can’t see. Since RDP and VPN ports sit behind TAC, they are no longer made available to the outside world. Attackers can no longer exploit those gaps.
One final note: TAC is easy to install and can be done in parallel with your existing infrastructure, often in one or two days. This allows your organization to provide remote access much more quickly.
The IT security boat anchor that can drag down your productivity and innovation during a crisis such as Coronavirus has been cut loose. TAC’s solid, highly secure and easy-to-use solution supercharges your ability to rapidly scale remote access for your end users in the most trying of times.
To learn more about how companies use Total Access Control from PortSys to quickly scale to meet their short- and long-term remote access needs, take a look at our case studies.