FINANCE

Secure remote access, everywhere

When working remotely is a necessity

Route1 Secure remote access

The largest work-from-home experiment in history—forced upon us by the recent coronavirus—taught us to change the way that we approach many aspects of doing business. From remote customer solutions, to rethinking office space and meetings, to the design of corporate security architecture, lessons all stemmed from the requirements of physical distancing.

Work-from-home is, of course, where frailties in cybersecurity and network architecture became exposed and turned into liabilities. Like their colleagues in many other industries, financial industry IT teams turned to that 1990s technology, the virtual private network (VPN), as the workhorse that would keep the data of suddenly-remote workers—nearly the entire workforce—secure. It was a stopgap approach that leveraged a legacy technology already in place and, for want of time more than any other factor, ignored the strategic need to transition to zero-trust, identity-centric security.

1990s IT to the rescue

One issue that remote workers and IT staff alike noticed with VPN right away was that traffic slowed to a crawl. That’s because at the office, the cybersecurity stack handled most of the Internet traffic. With just a few remote users at a time, the VPN was never a chokepoint. Employees simply connected to a cloud application from the office, utilizing very little bandwidth in the process. The cybersecurity stack provided verification, and off you went.

When employees connect to a cloud application from home with VPN, they create a secure tunnel across the public internet to a centralized VPN at the office, which then creates a secure tunnel across the public internet to the desired cloud application. It’s an inefficient workflow that quickly overloaded VPNs and made them susceptible to things like distributed denial-of-service (DDoS) attacks.

Route1 Secure remote access
Route1 Secure remote access

1990s IT to the rescue

One issue that remote workers and IT staff alike noticed with VPN right away was that traffic slowed to a crawl. That’s because at the office, the cybersecurity stack handled most of the Internet traffic. With just a few remote users at a time, the VPN was never a chokepoint. Employees simply connected to a cloud application from the office, utilizing very little bandwidth in the process. The cybersecurity stack provided verification, and off you went.

When employees connect to a cloud application from home with VPN, they create a secure tunnel across the public internet to a centralized VPN at the office, which then creates a secure tunnel across the public internet to the desired cloud application. It’s an inefficient workflow that quickly overloaded VPNs and made them susceptible to things like distributed denial-of-service (DDoS) attacks.

Route1 Secure remote access

Don’t move data

The biggest issue with VPNs, however, concerns a more fundamental aspect of cybersecurity architecture: moving data. As soon as you move data outside of the corporate network, there is a risk. If the phone or laptop it resides on gets lost or stolen, it’s a potential issue. The same is true if a cybercriminal gains access to a VPN server or crack VPN encryption, both of which can occur.1 In January 2020, the Department of Homeland Security issued an official alert2 regarding the vulnerability of over 14,000 VPN servers worldwide—the same issue that enabled hackers to enter and ransom Travelex systems around the world.3 For further reading, see What Is a VPN?

“As soon as you move data outside of the corporate network, there is a risk.”

Access data in place

Finding a way for employees to access their full desktops, cloud applications and everything else securely, while positively validating the identity of mobile users, has proven challenging. The solution is to avoid moving data entirely. Enable personnel to work with the data, but leave it in place. Thanks to accredited Route1 solutions, professionals in many industries, including U.S. military personnel, have the ability to access their full desktops from anywhere. They do so entirely securely, from non-secured devices on public networks—without moving data.

Keeping Data Secure

 

Route1 builds technology solutions with security as a first principle. That’s where our organization began and where it continues to excel: we invented data security and user authentication technologies that landed us patents in Canada and the U.S. and technology accreditations (ATOs) with the U.S. Department of Defense. From remote user authentication to a secure remote access solution that delivers their trusted desktop to personnel wherever they are, we help businesses of all kinds deliver military-grade data security.

 

1Flaws in 4 popular VPNs could’ve let hackers steal your data, researchers say, Cnet, May 2020

2CISA Cyber Infrastructure Alert (AA20-010A), January 2020

3Air Travel Cyber-Attacks: New York Airport Hit, Travelex Exchange Held to Ransom, Forbes, January 2020