Ensuring Diligence In The Technology Era
CIOReview
CIOREVIEW >> Telecom >>

Ensuring Diligence In The Technology Era

Carlos Renteria, CISO, Southside Bank
Carlos Renteria, CISO, Southside Bank

Carlos Renteria, CISO, Southside Bank

Businesses today rely on partnerships and the mobile workforce to gain strategic advantages while also balancing the risk that comes with these services. Traditional virtual private networks (VPN) such as site-to-site VPN or remote access VPN, a method to ensure mobile employees are securely connected to headquarters, now require attention to detail. Changes in technology have challenged what we once believed to be set-and-forget solutions.

For business partners that frequently share data and require a site[1]to-site VPN, the two companies agree on the shared access network areas, configure security parameters for the virtual private network “tunnel” with a password/certificate and establish encrypted communication. This is much like a private fiber connection only secured over the internet. As partners merge, relocate, upgrade, or even move to cloud solutions, stale configurations are left behind in critical areas of the network, typically at the perimeter. As a result,what was once a simple solution to establish affordable connectivity is now an inherited technical debt that requires resources to conduct reviews and controls. Establishing controls,such as scheduled VPN configuration review to ensure these critical channels are up to date or still necessary,can help reduce risk and threats. Your organization inherits any oversight from partners or vendors that are connected via site-to[1]site VPN. Controls are needed to ensure that vendor management includes a reminder to partners on meeting certain compliance requirements and review of their own configurations, typically accomplished by requesting SOC reports. As organizations grow and begin to use automation and bots, whether for establishing VPN or conducting security controls, they should take appropriate steps to ensure previous human interaction on these reviews is not overseen by scripts.

“Technology creates opportunities for business, however, proper diligence is required to ensure security is the top priority now and into the future”

For mobile workers needing access to datacenters over internet, connectivity is established with a remote access client installed on a corporate workstation. The remote employee connects to a broadband internet service, typically over Wi-Fi, then initiates a private connection by entering credentials on the VPN remote access client. Typical configurations tunnel all traffic back to the corporate office where proper web filtering and firewalls can continue to protect the end-user. With frequent employee turnover, controls should be in place to ensure prompt de-provisioning of remote access and cloud applications. Daily malware threats create the need to ensure endpoint posture is tested before connecting to the network. The posture assessment ensures basic requirements are met on the remote employee’s workstation before it is allowed to connect to the corporate network. Antivirus software, recent security patches and operating system are some of the basic features that can be checked to reduce risk. As remote users embrace mobility and cloud application, new challenges arise for internet access and reduce the security complexity. Technologies such as endpoint DNS security are a great solution to ensure business is still the primary function while working remotely.

Technology creates opportunities for business, however, proper diligence is required to ensure security is the top priority now and into the future. Increased popularity of automation and cloud applications will continue to shape technology such as VPN. The days of set-and-forget solutions are no more.

Read Also

Impact of Digital Transformation in Retail Space

Robert Sjostrom, President Global Operational Services, Essity

Challenges Over The Past 18 Months

Marc Ashworth, Chief Information Security Officer, First Bank

Information Technology Thought Leadership And The Challenges

Christopher Nichols, Director IT/OT Resiliency & Support, Stanley Black & Decker

Security Architecture In Theory And In Practice: Why Security Should...

Marco Morana, Head of Security Architecture, JPMorgan Chase & Co

How Wi-Fi 6 Will Seamlessly Integrate With 5g

David Haynes, Vice President, Specialty Technologies for Lam Research's Customer Support Business Group (CSBG)

Adopting Digital

Abdullah Sultan Al-Rashdi Head of Digital Strategy & Integration at Petroleum Development Oman