How to secure remote management software

Remote management software is a boon to infosec pros, for it allows them to access to servers and access employee desktops for maintenance from any client. But the tools also can be used by threat actors to gain control over devices and assemble botnets used for distributed denial of service (DDoS) attacks — like Murai — and network intrusions.

In a blog this week European security researcher Koen Van Impe reminds administrators of the importance of securing these tools to ensure IT isn’t unwittingly giving help to the enemy.

He identifies three potential problems: Weak credentials (poor passwords) , weak controls (access should only be allowed from a trusted network), vulnerable applications (unpatched approved remote management software) and unauthorized remote management software on the network.

To protect against unauthorized  use of your remote management software CISOs have to enforce standard password hygiene, including limiting the number of admins allowed to use the software, requiring strong password credentials, using two-factor authentication and monitoring who is using the software and when.

As for detecting unauthorized remote management software, Van Impe reminds CISOs they have a number of tools including

  • Raise awareness among users about possible security issues;
  • Scan internal networks for unauthorized software;
  • Scan from the public internet;
  • Use software management to detect unauthorized software;
  • White-list applications to prevent unauthorized software;
  • Review outgoing networking flows using intelligence and network information to spot unauthorized remote management flows; and
  • Apply proper firewalling and segmentation.

Remote management software is a vital tool for efficient management of an enterprise network. It shouldn’t also be an efficient tool leveraged by threat actors.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now