Have Any Questions?
Call Now +65 8749 4825

Work From Home (WFH) for Privileged Users

Adoption of cloud technology and outsourcing of key IT services have become prevalent among small and mid-sized enterprises.

With the world in lockdown and economy in isolation, if your workers and vendors are not already providing you services and managing your data, applications, and systems from a remote location, they would be now.


This should be a cause of concern to many security-conscious businesses, CXOs, and security managers as it exposes risk in areas that become difficult to control compared to a closed enterprise environment.

Challenges of a remote workforce and vendors;

  • Good anti-malware is just part of the puzzle and no longer enough
  • Can you really trust your privileged user and administration? 100%
  • VPN is not efficient and does not control access for users on a need to basis
  • Password and people are no longer reliable
  • Endpoint security outside the corporate firewall
  • Use of non-company machine
  • Use of company machine with insufficient restriction and cyber hygiene
  • Risk of third parties hijacking
  • Risk of staff accessing system they are not supposed to
  • etc

To address both internal threats and risk from vendors, even if no formal ISMS is in place, having these key controls give the most value in securing your important data;

  • Adopt a security framework, hire a vCISO, establish your security policies
  • Train your users, give clear guidelines
  • Implement strong ISMS controls, esp. access control, and vendor mgt
  • Trust no one
  • Secure all access
  • Separation of duty among staff and vendors
  • Allow access to servers on a need to basis
  • Record all sessions for deterrence and forensic
  • Adopt MFA/2FA for all access and log on

Insyghts work with our partners to put together a solution stack that helps manages privileged users of your infrastructure, systems, and data.

Users working on corporate or own computers from external locations should have strong Yubikey 2nd-factor authentication to both their endpoint, network, and application using a single hardware 2-factor authentication device.

Netfoundry SDWan and SASE will help secure and accelerate any remote access to corporate infrastructure or cloud

Control and record all remote sessions for privileged users and administrators to your infrastructure and servers using SSH PrivX


Related Posts