So after a nice Thanksgiving holiday here in the U.S. last week, we come back to news of yet another hack involving credentials to remotely access a network. As detailed here, SP+, a parking facilities operator, announced that their systems had been hacked by an unauthorized party using a remote access tool which was apparently only secured with a username and password.
As I have said before, you need to be able to ensure that entry points to your network are well secured. Providing remote access to your network, whether for users to gain access to internal services or third party maintenance or partners, is a critical point of vulnerability. These are authorized holes in your network perimeter and you need to have high assurance of their protection.
As always though, it is critical to provide security which is cost effective and easy to manage. While long considered the gold standard, tokens such as the RSA SecurID are generally quite expensive and always the easiest to manage. Providing expensive tokens to every user that needs remote access is usually a game stopper to the solution, leaving organizations more vulnerable than they need to be due to the costs involved. GreenRADIUS, paired with YubiKey tokens, provides the simplest, most cost-effective solution to providing secure remote access. Simple-to-use tokens that are cheap enough to almost be considered disposable (not to mention without a battery that limits their useful lifespan) combined with a streamlined RADIUS solution can bring security to any organization.