#trusted
partner
Who's In Your Cloud?
Who's In Your Cloud?
Episode 15: Remote Access Security
/

Episode 15: Remote Access Security

Apr 12, 2022 | CYBERSECURITY, Who's In Your Cloud?

Who's In Your Cloud Blog Header Image

Welcome back to “Who’s In Your Cloud?” 21 Steps to Secure, Reliable, Trusted Technology. I’m Lauren Lev, Marketing Manager for TechOnPurpose, and this is Episode 15: Remote Access Security

Last week, we discussed Wireless Security, a core component of our remote workforce’s journey to connect and conduct business safely and securely. Our cast of cyber experts joined us to help our viewers learn about the need for protection from the growing threat of unauthorized users and malicious actors who seek to access and steal your sensitive data through your WiFi network connections. 

In today’s episode, we’re moving to the next link in the chain and diving deep into the topic of remote access security. We all want the simplicity of working anywhere – from any device, anytime. Few would argue that the pandemic has done a lot to rapidly push this desire to reality for industries and workforces globally. BUT, the big question on any security-conscious IT practitioner’s mind should be, “How do we secure access for our growing and diverse remote workforce – without the burden of complexity?”  

Stay tuned to hear from our partners about the “Do’s, Don’ts, and Gotchas” of secure remote access and their available solutions to ensure protection. We’re very thankful to our cyber expert cast joining us today from Cisco and ConnectWise, as well as Jim Bowers, Independent Cybersecurity Consultant, as they help us educate our clients and prospects on the road to #secure, reliable, trusted technology!

As a reminder, we began releasing a new episode every Tuesday, starting 10/20/21 and will continue to do so through late spring of 2022, with brief time off for holidays with family and friends. We’ll also follow each Tuesday episode release with subsequent Wednesday, Thursday, and Friday posts highlighting our (3) contributing solution partners from that week’s episode. We hope you’ll find this an immersive, hopefully simple, educational, and enjoyable experience. So how do you tune in?

To easily follow the journey ahead, we’ve diversified your access options to all (23) of our coming episodes. You can follow along here on our blog or by any of the following methods:

  • Email Newsletter: sign up at techonpurpose.net/blog and have each episode delivered directly to your inbox when released.
  • LinkedIn:  follow here
  • YouTube:  follow here
  • Facebook:  follow here
  • Podcast:  follow here

Buckle up – it’s time to hit the road to #secure, reliable, trusted technology!

 

Lauren Lev
I’m Lauren Lev, Marketing Manager for TechOnPurpose and host of this vlog series, “Who’s In Your Cloud?” 21 Steps to Secure, Reliable, Trusted Technology, and this is Episode 15: Secure Remote Access. To see more of me and my cyber-crime fighting partner, Matt Tankersley. Check out our previous 14 episodes on LinkedIn, Facebook, YouTube, or Spotify. And if you’re not already getting episodes delivered straight to your inbox, what are you waiting for? Sign up at TechOnPurpose.net/blog. So today’s episode, secure remote access- We all want the simplicity of working anywhere from any device at any time, and few would argue that the pandemic has done a lot to push this desire to a rapid reality for industries and workforces globally. I know getting productive out of the office on the couch has been a blessing and curse for all of us. But I must say I’m still a fan. So the big question on the security conscious IT practitioner mindset needs to be how do we secure access for our growing and diverse remote workforce without the burden of complexity? Because if you’re anything like me, if it ain’t easy, I ain’t doing it. So our cyber expert cast today is here to talk turkey about the “Do’s, Don’ts and Gotchas” of secure remote access. Okay, let’s meet the guys. Back on the vlog again, ladies and gentlemen, we have Independent Cybersecurity Consultant, Jim Bowers. Jim. You’re famous now?

Jim Bowers
Yeah. I probably won’t talk about the magazine because I don’t think many people crochet. I do extreme crocheting, and it’s very interesting. But no, I’m really excited to be here. Lauren, I’ve said it 100 times, I’m a big fan of the TOP21. I think it really sets the bar for organizations to do the best they can to not protect themselves. I’m a big fan of the detection piece. And they’re necessary layers within it. But glad to be here. Looking forward to working with Eric and talking with Eric and Andrew. I got a nice little thing I’m gonna say about Cisco in a little bit, and I’ll wait till that. But thanks, I love being here.

Lauren Lev
Appreciate it. Awesome. Thanks, Jim. Okay, we have Andrew Griffin from Cisco and Frank DePrisco from ConnectWise. Back again. Thanks for coming back guys.

Frank DePrisco
Thank you, good to be back.

Andrew Griffin
Thank you, Lauren. I feel like we were just all meeting up talking about this 21 series. And here we are on episode 15 already.

Lauren Lev
I know halfway through. It’s crazy. Thank you guys for coming back again and again. And introducing one of our own, we have TechOnPurpose’s Senior IT Engineer Eric Cole, ladies and gentlemen.

Eric Cole
Hi, everybody. Nice to be here.

Lauren Lev
Awesome. And then rounding out our TOP team is TechOnPurpose’s Founder and CEO, Matt Tankersley.

Matt Tankersley
Welcome back, everyone.

Lauren Lev
Awesome, guys. All right, Matt, you want to start us off?

Matt Tankersley
Yeah, thanks, Lauren. Let’s plant a few seeds and we’ll just get this conversation moving ahead. So last week, we talked about wireless security and that’s a core component of our remote workforces journey to connect and conduct business as usual. But once we’re online, where are we headed? Right? And that’s where secure remote access comes in a little bit. Now, if you’ve been in a remote workforce role, you probably recall the dreaded VPN that’s always required to connect back to the office. And let me tell you, that’s always a leading category of support tickets for our IT teams like Eric up there. But now, with so much of our systems and data moving to the cloud, it seems remote is the way we all work anyway, whether we’re in the office, if you think about it, or out and about or at home, and how has this cloud migration impacted remote access? And Frank’s gonna bring up an interesting thing I think we’re gonna talk about. It’s not just about remote access for the workforce, but how do we support that workforce? And how do we do that securely? Right? Looking forward to hearing about that, Frank, and without question, we’ve seen the need for the VPN on end user devices. Frankly, from what I can tell it’s dropped drastically as the need to connect to the office is diminished as we’re working in the cloud. And users are simply utilizing secure SSL connectivity to the cloud to get things done. Typically, the need for VPN or not, is driven by the size and type of company you work for, right? Because larger companies are still maintaining servers or application infrastructure that’s in the office or even in their own private cloud and they may still require you to have a VPN. We’re also seeing a significant push toward DaaS (“desktop as a service”) in the cloud, which introduces new and exciting ways to expand this “connect from anywhere/any device” strategy, while simultaneously decreasing cyber risk. As no data ever resides on a remote device, it’s simply a screen-share, from our cloud computer to whatever device we’re on. And now, we don’t care if that device gets broken or stolen, right, because it never had the data on in the first place. But I’m confident our cyber cast will expand greatly on these and other topics related to secure remote access in our session today. So Lauren, how about we meet our episode cast and get the conversation moving?

Lauren Lev
Perfect. Okay, so if you’ve been following along on this series, a lot of familiar faces here. But for those of us who are joining for the first time, Jim, our VIP cast member- I know you’ve done this a lot, but tell us about your background and what you do for TBI besides gracing the covers of magazines.

Jim Bowers
You know, I’m really lucky. It’s a cool point, I think, when any of us get to work in this great cool field of security. But at TBI I’m the Security Architect. And my main goal is to work with our partners and really build out a vendor portfolio that takes a holistic point of view to enable our partners to really get into the audit space that touches every aspect of an organization. So it’s my chance to enable these partners to make this epic, you know, shift in how they’ve done business, and market the skimmer to explode and that’s really exciting. And I get to work with great guys like you. So I’m like a kid in a candy store. So I’m really lucky to be in a space I love and get to talk about it and work with great people. So thank you again for the invite.

Lauren Lev
Always, we love having you. Alright, Andrew, you’re up next.

Andrew Griffin
Yeah, so pleasure to be on here. And always, you know, it’s a joy to come back to talk to everyone here, about security and all these topics that are top of mind or passion for all of us. And I think you can tell, you know, from just the way we talk about it. But if you don’t know, my name is Andrew Griffin. I’m a Technical Solution Specialist. I work over at Cisco. I cover a wide portfolio of cloud security products that range from DNS layer security, full web proxy, secure end device, two-factor authentication. I mean, you name it, I’m sure it’s in there somewhere. And it’s just awesome to be back and to just really deep dive into this, you know, secure remote workforce. Because especially, you know, with the macro environment going on, this hybrid workforce is not going anywhere.

Lauren Lev
Exactly. Okay, Frank, you’re up next.

Frank DePrisco
Hi, Lauren. Hey, Matt. Thanks for having me back again. So my role has kind of changed since the last time I was here. I was previously Director of the ConnectWise IT Nation Secure Team. We were created to help educate and train our partners on better cybersecurity in the MSP space. As of the end of the month, I’m going to be transitioning over to work for the SVP of Cybersecurity Products, as the Director of our Cybersecurity Task Force. I’ll be tasked with creating a certification program for MSPs like you to assess yourself against the advanced level of our MSP plus framework that we created. So we’ll be doing an audited certification, giving you a logo check mark that you can put on your website and promote as being a certified ConnectWise partner. We’re creating new assessments and identifying around CMMC-Cybersecurity Maturity Model Certification this year and NIST 801-171, some of the big topics out there that a lot of MSPs and their customers are interested in. Also creating a third-party vendor management program that our partners can use us to help them manage or they can implement themselves will provide the materials and the assessments. I also work for our business readiness program for partners in our cybersecurity partner program and advise on our Cybersecurity Advisory Council, and I’ll talk more about that later and what they do for our community.

Matt Tankersley
You don’t have enough hats there.

Frank DePrisco
Yeah, this all just happened yesterday. Just found out.

Matt Tankersley
Congratulations. Wow, you just found out, that’s awesome. I will gladly volunteer for your third-party risk vendor management tool because that’s something we’re using quite a bit these days.

Frank DePrisco
Okay, I’ll get you started when we get ready.

Jim Bowers
I got 50 bucks that Tank will be the outlier. Just saying, I got 50 bucks.

Matt Tankersley
That’s a safe bet right there.

Lauren Lev
Yeah, we’ll have to see. All right, Eric. So people might know a lot about TOP, but we don’t know anything about you. So introduce yourself and tell everybody what you do for us.

Eric Cole
Hi, I’m Eric. I’m the IT Ninja-neer. A lot of people ask me, Hey, what do you do? I typically do the stuff that you can’t google. I’m usually that guy. I typically handle most of the virtualization for TOP and anything I can do to help out anybody else. Typically, the guy that tries to figure out the hard problem, so to speak. So I’m glad to be here. Glad to be a part of this and security is always a number one for us at TOP. So it’s always an interest of mine personally, as well as remote working. So I’m glad to be here.

Lauren Lev
I can attest to the fact that he is like the wizard behind the curtain of Oz. Because if I Google it and I can’t figure it out, I’m like, “Eric I have this MAC thing. Can you help me?” He’s like, “Oh God, it’s her again. Sure, let me help you.” He’s always on deck!

Matt Tankersley
I don’t know if everybody on this call, and certainly our viewers, has heard that we have a number of soap boxes around our company. And our favorite one that we always lead with is that we love what we do, we love who we do it with, and we love who we do it for. And obviously, I get the privilege of working with Lauren and Eric daily, and this is a big reason. When we start with that mentality, we end up with wonderful folks on our team like this and then partners like you. Remember the “who we work with is” is not just about our staff and our W2 and 1099s, but our partners. And so, grateful for all of you guys. Eric, glad you’re here, man.

Eric Cole
Thank you. Glad to be here.

Lauren Lev
All right, now that we are all introduced and ready to go, Jim, get us started on remote access security. First talk about what it is and then why is it a hot topic?

Jim Bowers
So what is secure remote access? Actually, probably one- If you look at TechOnPurpose’s TOP21, they’re all important. But I would say in the direction we’re going this is bobbled up and a very critical component, right? And it’s simply for the fact that it’s giving the employee the ability to access company assets or resources or data in a secure fashion, no matter where they are, right? Whether they’re working at a Starbucks, that’s what I like, I don’t like doing work from home, work from anywhere, right? And provide that connectivity or trusted secure connectivity back into their infrastructure to access applications that they need to utilize for their business. So that’s really the remote access portion. Now why is it so critical? Great question. I think we all have had the big RSA token, they realized, oh crap, what happens if you lose that? We’ve all gone through the stages and the iterations of people working from home. But there was a very small percentage, right, that worked from home. And we just flipped that paradigm shift, and when you do that, it causes a lot of problems. And that’s one big issue, but now let’s think about that. To follow that, the applications are moving to the cloud, right? So maybe I rolled out VPN, but now taking it to a central point in my infrastructure is not the most optimal way. Right? So now they’re dealing with that piece. So this secure remote access, simply the fact that we’re not going to go back to pre-pandemic levels, I think is really bubbling up and becoming extremely, extremely critical. And simply that we’re the weakest link, right? We’re not in an office environment, we’re relaxed at home. I may not know not to click the kitty, but I may. It’s really looking good and then my kid runs in and bumps me, right? So being able to control that person and how they access my resources no matter where they are, is very critical.

Lauren Lev
Absolutely. Good intro. Let’s see, Frank. What do you have to add?

Frank DePrisco
Just like Matt said, it’s not just about VPN anymore. It’s more specific than any technology. It should also have a lot of security strategies and policies and processes that companies follow to ensure remote access is secure. It starts with using strong passwords. I’m going to talk more about brute force compromise of credentials a little bit later. But having strong passwords on two-factor authentication and keeping your software up to date are critical to the remote access tools and the capabilities that we have. But it should go further, we should be using firewalls, whitelisting, IPs, that connect to our networks, geo blocking, if possible on your firewall. All help limit the possibility of any remote access that’s not needed. And one of the big things that we talked about in a meeting this week is even the simplest things like having, you know, set up operating hours for all the access to your environment during normal operating hours or normal business procedures should be established. It’s simple things like that that people forget to do. They cause a lot of remote access compromise. And it’s interesting, I just read a statistic today that in 2011, I believe 19% of their workforce was remote. And today, it’s about 63%. So just like Jim said, the number of remote workforce has really taken off, and we really had to make sure we locked down our secure remote access into our environments.

Matt Tankersley
Yeah, Lauren, you know what I thought of when you were saying that, Frank? We’ve been talking so far about how we enable that workforce to do what they do from anywhere. And obviously, the whole point of our cyber series is having the bad guys that are trying to do the same thing. But it really comes to a head when you think about it. If we’re taking extra measures to enable people to work remotely, we have to take extra measures to keep the people out that don’t need to be working remotely. It’s something I thought of when you were saying that.

Jim Bowers
I want to hop in there and say because if you look at the compounding effect of this, what really is the driver of this data? We generate more data, so there’s more applications to consume that data. And now we’re dealing with people consuming that data from places that we typically were not consuming it from. Right. And that’s really why this is so critical to secure remote access. And looking at it differently, just because I have a secure connection, I’m not going to give you the keys to my kingdom. And that’s a whole nother day. I’m gonna pass it off to the umbrella man, Rihanna. I’m Pamela. But really umbrellas, not just an umbrella. It’s a SASE umbrella now, and I’ll let you talk about your umbrella. Sassy.

Andrew Griffin
Great Transition there. Yeah, at the Umbrella. Because you know, when we’re talking about secure remote workforce, I mean, it’s such a broad, but interesting topic. I mean, we’re talking about from, you know, the normal two-factor authentication and making sure that if an end user has a device, we have to make sure who they actually are to go ahead and authenticate to give them the right privileges. And we’re all you know, working towards this lease privilege, right to make sure that someone doesn’t have too much access, right accidentally for compromises. Then when we’re talking about remote, remote workforce, you know, these are somewhat unmanaged devices, but also, you know, particularly managed devices where they’re not sitting behind an off premise firewall. And, you know, they don’t have those on premise kind of security. So how do you make sure that you’re providing the same level of security that someone would come into the office, at home at Starbucks, at remote, regardless if they’re on VPN, regardless, if they’re off VPN, doesn’t matter, the geolocation and finding a level and a balance of security without causing, you know, kind of end user disruption or, you know, kind of business impact of, you know, the sacrifice of what you need to do both? Especially when we’re talking about, you know, moving to the cloud with CaaS applications. And they just, you know, kind of go DIA, like direct Internet access to these public hosted applications. I mean, it’s kind of a point to point connection, right? How do you really provide security to something that’s hosted publicly? Right? So, I mean, we’re talking about all these avenues, you know, it’s just growing wider and wider. And we really need to make sure that in these changes, when we are worrying and making all these network devices, network changes, all these security products, that not only are we protecting our remote workers, but we’re also keeping our on premise workers in the same mindset. Right, so not sacrificing or moving focus to one or the other. And it’s just, I mean, it’s a lot. And that’s why at least from the Cisco side, you have to, you know, in a SASE portfolio,  really kind of cover every avenue that you’re introducing, because there’s new risks at every avenue that you introduce in your network. I mean, you’re talking about duo for two factor authentication. You talk about Umbrella for full web proxy, that now has integrations to kind of cover cloud applications with DLP CloudLock, even scanning for data at rest, right? So you’re like, okay, you have this data hosted in a public cloud. And maybe someone gets in there and embeds malware, and then users download it, boom, right stuff you don’t really think about in that sense and, and just, you know, use an on premise firewalls, cloud delivered firewall, VPN. There’s just so many avenues and so many products that you have to use, because you’re introducing all these new variables of avenues to get to this kind of traffic and these kinds of new environments. So it’s a very interesting kind of ideology that we’re talking about here.

Jim Bowers
When you think about all that’s happening, let’s think about another key piece; We look over data traditionally, traverse across wires, physical wires, right, it’s pretty hard for threat actors to to get in. Now, I’ve got Ultra capacity, I’ve got a gig on my phone. So the data is moving from a harder wired connection where I got plugging in a damp port. Two, oh, it’s running across the air, I got people moving out. I got how they accept applications moving. It’s such a rich environment, and increasing and encrypting that connection is more and more critical, because more traffic is going to move from wired connection to wireless and there’s more opportunity for me to sit out there with a Wifi pineapple and crack into every single one. I know Andrew knows what those are, they’re pretty fun to play with all these things.

Matt Tankersley
I was talking to a customer and they actually had a competitor where one of their employees was at Starbucks, ironically, right and using their public WiFi. And someone mimics or copies the SSID of that public WiFi so there’s two of them. And so they chose the one that he was mimicking. And he was actually able to go ahead and sniff all of that traffic. So having this data encrypted while data is in transit, you know, to go across the internet. I mean, it’s just becoming so essential, right? Because stuff like that. I mean, we’re humans, you know, even if we’re trained, we may not recognize it or overlook it, right? You just have to prepare for, quote unquote, the unknowns? And I mean, how do you even prepare for that, right? Lauren, I think that we’re going to transition to letting folks talk about some of the solutions that they provide to enable secure remote access. And if you’ve been following along, right, and you’re seeing all these episodes, you realize really quickly it’s impossible to focus on one topic without talking about others, right? It’s just impossible, which is why we’ve created the TOPcyber21 to simplify and prioritize the conversation a little bit and, you know, to close out this segment on what and why, right. And now we’re going to talk about the how and recommendations and stuff. Another thing that dawned on me while you guys were talking, on the why front, right? We’ve been talking about the simplicity of just getting people connected and doing that securely, and encrypting that data and so forth. And one of the reasons why we’ve got to be thinking about it proactively, right? We’ve bounced around here and we bounced around in other conversations, but now that you’ve enabled that remote workforce, to connect to your office where all your critical systems and data are, you may be doing a wonderful job with securing endpoints and, and all those kinds of things. But now that device is connected on that home, that network where the kid is on the x box, and they did click on the kitty, Jim, and that and that device, that IoT device, or that other kids laptop, or tablet device it’s affected, it’s now talking on the same network as your remote workforce device, which is connected to your critical infrastructure at your office or your cloud, right. And so when we’re talking about securing your remote workforces, and the need for more secure access, there’s so many layers and so many facets to this thing. And it’s hard to focus, but the reasons need to be clear. If you’re going to allow people to have remote access, you gotta do it securely. And you got to think about all these things you really do and how you choose to do it. And I’ll say this one last time and how some of us can do it. We’re seeing this significant shift as I mentioned earlier to the DaaS adoption, because in the DaaS adoption, what I just described wouldn’t be an issue because the only thing that’s moving from that end user device is a screen that’s not data packet such as video that’s just audio and video maybe audio right depending on the situation. So let me hush it up and let’s keep going and Lauren, why don’t you push us around the room in talking about each of our Our cast members, best practices and how they approach this.

Lauren Lev
So before we move on to solutions, it sounds like you’re biting at the bit.

Jim Bowers
I just wanted to play off of what you said, I think the reality of it is, is, all of this stuff will go away, once we are able to figure out how to encrypt data everywhere efficiently. Because if you take the value of something away, they’re not going to come after it. They can’t do anything with it. I don’t care how you connect to it. I don’t care if you can see it, you can’t do crap with it. Right? So that’s why I think at the end of the day, that’s the next iteration, as seeing the Unity blockchain distributed arrays. Good luck to get my data. So if I make it not valuable, they’re not going to try to steal it, though. I’ll stop there.

Lauren Lev
Yeah. Well, Jim actually brings up a good point, we have an episode on data encryption. So if you haven’t seen it, it’s episode 11. Go find it. Watch it. Before we move on to talk solutions. Eric, do you have anything that you want to add?

Eric Cole
No, the only thing I was gonna say is, you know, the user side, it’s got to be simplistic for the user. If it’s not simplistic for the user, they’re not going to use it. I get these calls, from users all the time that are just fumbling through using the VPN, using this or that or the other thing. And a lot of solutions made it nice and easy for everybody. I mean, you know, VMware has got some nice things. Microsoft has tried to do the same thing. But Citrix as well. Some other people have some other things, other solutions as well. But I think it has to be simplistic for the user. If it’s not simplistic for the user, the user can’t understand it, they’re not going to use it. I wouldn’t use it, if I didn’t understand how to use it, you know. There’s a lot of technology that still scares people if they don’t understand it. So if it’s nice and simple and easy to use, people will use it. And that’s the big thing, we have to have our users use it because number one brute place of breaches is the user right? It’s the endpoint right? So we’ve got to protect them as much as we can. It’s got to be nice and simple, so that they can follow the policies and use it in a secure manner. So that’s all I was going to add, the end user.

Lauren Lev
I couldn’t agree more.

Matt Tankersley
Yeah, right. Eric uses a product we use from ConnectWise, all day, every day for remote support, which above all things is simple. And I love that tool. It really empowers us to support our clients. I think Frank’s gonna talk a little bit more about that. Frank, I don’t know if you’ve ever heard us say this, we actually use that tool as a remote access tool for clients as well. So we’ll enable them to have a secure identity on our Control platform and have a session group that only goes to their machine or their machines. And again, we’re back into that simplifying, connectivity sort of thing. .

Lauren Lev
Eric, we just did this last week or the week before. You did it for me. All right. So with that, let’s have Frank, talk about you guys’ solutions.

Frank DePrisco
Yeah, so let’s kind of talk about our Control product, which companies like TechOnPurpose use. And now I guess they’re enabling their customers to use it as well. And some of the security that we’ve built into that, because it’s very important that that product itself be secure. So the people we’re connecting to help people do support only have access to what they need to do and can’t have run of the mill once they connect to the customer’s site. So we’ve built in role based security that lets the administrators create different roles with, you know, user permissions that are needed for at least privileged access, and what we call JEA: Just enough access to do what they need to be doing. It’s kind of a new buzzword that we’re throwing around these days and building into the products. It also logs everything that’s done so that there’s an audit trail, if you need to audit what somebody did to a particular commitment to a computer. It monitors who logs in and has timestamps in it. It can actually track the session activities down to which scripts were executed, what commands were run, the tools that were used, and the files that were even transferred. So it’s a way to really audit what’s being done if something goes wrong. It’s also there because if somebody were to get into your environment, use your control instance, then to get to all of your customers, there’s an audit log there. The other thing that’s important is technicians have to request consent from the host that they’re connecting to. So somebody at your customer site would have to actually give you consent to do something on their machine, or you can do it in the background without ever interrupting him, but you still have the consent based piece to make sure that the customer knows you’re connecting and you’re going to do something. The other day I needed to install some software on my laptop for a presentation at a hotel and I couldn’t do it. So I call our IT department, they connect in and I can see everything they’re doing in a window. They install the software, I’m good to go. So we’ve locked down our access so we don’t have admin, we can’t install software. So we need somebody on our support team to dial in to give us access. It doesn’t leave a footprint, once the session is done, everything is erased. So there’s no software that needs to be installed, there’s no client that has to be left on the machine. That way that’s not there once they’re disconnected for other people to potentially connect to. So once the session ends, then that token is erased. And then the last thing is it has an activity timeout built into it. So if the session is sitting idle for a certain amount of time, configurable by you, that session will disconnect and things like that. So we spent a lot of time making that remote control product secure both for you and for your customers.

Lauren Lev
Awesome. Andrew, talk about Cisco.

Andrew Griffin
Yeah, so Oh, gosh, where do I start? So I guess to start at the very end user level, right? So when we’re talking about two-factor authentication for people that have access to these remote devices, I think that’s always the first step is you have to actually prove who you are. And this big focus of where we’re really going is password list authentication, right? The biggest thing is these passwords, we all remember them, we forget them, you know, they’re changing to 12 characters and special characters to 16 characters minimum now. And just eliminating all of that, and really having to use other forms of methods such as biometrics or other areas. I mean, that’s kind of what it’s going to, to actually prove that I am Andrew, and I’m trying to actually log in from Andrew, in Andrew’s location and not from Indonesia, or another country, China or something, you know, three o’clock in the morning, right. And not only along with that, taking it the next step further also, I am authenticating that this is what I can’t do. This is what I can do, giving me alerts if, okay, hey, this user hasn’t logged in for seven days, and now they’ve logged in. Is that okay? Right, because there’s a big thing of a lot of customers using contractors, which is totally normal, and they give them access. And then once the contractors end, that access is still there. And I think we saw the detrimental value of you know, recently from security events that somewhat led to that. So then, you know, taking it to the end device level, we’re talking about secure endpoints. The nice thing about secure endpoint is that not only is it an antivirus software, or it does go ahead and quarantine and protect these end devices, but it’s also an EDR and XDR solution. And what I mean by that is, not only does it show you that okay, yes, you know, you have this trojan horse try to execute, you have this file come in, it didn’t execute, it moves laterally, and then it tried to execute, and it was quarantined. But it shows how it happened all the way from the start. Like hey, okay, this was embedded in an Excel file, this Excel file was downloaded, and then went ahead and tried to reach out to a domain, that domain went ahead and established the backdoor access. And now I have either a malicious actor, someone who actually went through that backdoor access onto my end device. Or, you know, now it’s just installing and spreading throughout my environment. To get it to the next level, I guess I’d say that is where Umbrella comes into play. So of course DNS layer security, IP layer security, HTTP, HTTPS. I mean, we all know that things we shouldn’t go to. I mean, if I fat fingered Google, okay, it’ll block me, right? We know it’s a malicious site. But what if I go to a domain or I go to a URL, and then I try to download something from there, it’ll block it proactively, the big benefit is that it stops the connection before it’s made. It doesn’t allow me to download something, and then go ahead and quarantine it and remove it, it stops it from downloading. So there’s a lot of proactiveness in that way. And then, you know, utilizing the cloud delivered firewall, which filters that layer three, four, and seven. You know, I know, especially with firewalls, the lead times, but the chip shortage right now is crazy. This is all software that is readily available to you 100%, scalable, available. I mean, goodness, there’s so many avenues to it DLP data loss prevention, you know, making sure that private sensitive data stays sensitive and private, to where it can filter keywords or file names, make sure that if a document contains the keywords of internal only, that should never be uploaded to a public cloud application to make sure that we contain that information internally. And then of course, the VPN, you know, again, with the split tunnel and DIA making sure that is encrypted no matter what, whether it’s actually going down the VPN tunnel, or going DIA in some form or another. There’s just so many avenues. And the nice part about this too, is yes, of course, I’m talking all Cisco. And yes, of course, this is three or four products that you can use to be fully protected from a SASE architecture, but also be vendor agnostic. We understand that not everyone’s going to use all Cisco products, and these need to be used interchangeably, and you can with any of these products, right? Because you don’t want to force someone to just use your products to gain the security that they’re looking for. Right? Because everyone has their own, you know, flavors and favoritism which I completely understand. Of course, I’m biased to Cisco, you know, products. I’m going to push Cisco products, but you know, having that peace of mind and making that security available is great. And then also having very easy to use GUI to get this information for you to look at a report to see what’s going on, and not filling the page with just a bunch of logs or mumbo jumbo that you don’t necessarily want to see readily available to you by a few clicks of a button, or even emails to be scheduled to to be sent as a report. I mean, all of these things, it’s just such a benefit just to cover you again, from a holistic, SASE architecture, layering approach.

Lauren Lev
Eric, before we move on to Jim, do you have anything to add?

Eric Cole
I just wanted to talk about desktop as a service for a moment. That is still a possible solution for remote working in a secure manner and why it’s secure. You know, we keep all the data in a data center, and we don’t actually remove it from the data center so that no one can actually grab that data, right? So we keep it in the data center, we go to the data center, we manipulate it there. And then we go home, so to speak. So desktop as a service, I was gonna say, is one of the many ways we can combat the remote working security issue that most of us have today.

Matt Tankersley
That’s good. And I mean, that’s why we’ve talked about it multiple times. It’s solved so many problems. What’s obvious to me is we handed it off to Jim right to sort of wrap us up before any final words to get the TBI perspective. And the security expert perspective is that, you know, see Lauren, it seems the further we go down the TOPcyber21 stack, it’s impossible not to talk about everything that came before, right. Obviously, this is a layered approach. If you want to achieve that journey, that we talked about, of secure, reliable, trusted technology, it’s there. There’s no silver bullet, it’s multiple steps and a lightbulb moment for me, you guys are probably already there. But you know, I say, Okay, we’re gonna focus on one topic. Well, it’s impossible at this point, I mean, the further we go down, you have to talk about everything that came before it. So secure remote access, we use it all day, every day. Hopefully, it’s secure. And, Jim, you’ve worked with all the vendors, I think that are here, you’ve certainly worked with us. And I know that you’re really smart and really gifted at how you talk to us as partners about how to do these kinds of things. And so what do you say on the topic of approaching solutions and best practices on the stuff?

Jim Bowers
That’s a great question. And yes, you got some great vendors. Andrew, I’m so saying this as a joke, because I was a Cisco person but I went into recovery. And I realized where I was, I’m surprised. Cisco is very good. They were one the first people to look at security from a holistic, from a central perspective, right. And I think when we look at security, and hopefully it’ll drill home, there’s one thing out of everything. We talk about all this new technology, you know, next year is gonna be something different, because the medium changes, technology changes. But at the end of the day, what has not changed, it’s what the scenes are after. It’s the data, that data may have been sitting in a safe and may not have been digitized. You know, hell, I used to get a million dollars or whatever for physical art painting. Now there’s fictional NFTs. So the medium changes on how you digest or how you access it. But if we always look at it from a data perspective, you look how drastically Millennials are digesting information compared to us Tank, for the love of Pete. And as that changes, everything else falls around. So this is a very critical component. But that may change, right. And what I think we need to keep in the back of our mind, don’t overcomplicate it, think about security in three ways. It’s where your data is, who’s accessing that data, and where they’re accessing it from. Keep that fundamental piece, everything else may shift around it, but at the end of the day, they do the same thing. And that is going to be a constant cat and mouse game. So keep that central focus, everything else will fall in line. And it’s great to have the series to educate people to work with great partners. You bring such a good format for everybody. I mean, Frank said some critical components on pieces. The neat thing about this is we all look at it from a different angle. It’s almost like we’re looking at where this can fail. You bring a great cast. Everything everybody said is equal in that defense in depth. And that’s what’s so cool about this format. So appreciate the opportunity.

Matt Tankersley
As we focus on on on the solutions for secure remote access, we’ve  talked multiple times about the value of desktop as a service, whether you’re getting that through TechOnPurpose or getting it somewhere else, you want to explore that if you’ve got a remote workforce, and you’re dealing with concerns about kids at home, getting viruses in game to your computers and get into your network, DaaS would solve that problem, right? If you want a really quick solution that doesn’t involve having to have multiple, different solutions for each device, and you want it simple, you just want to click and log in products like Control from ConnectWise that you can get through TechOnPurpose, and other ConnectWise clients, great product to go with, right? Cisco has long been in the business of enabling secure remote access through VPN technology. And now a more holistic approach to the security stack as a whole as Andrew well stated, as we all did, remote access isn’t just one thing. It’s a whole bunch of things. And security-Cisco takes a really complex, simplified approach to covering the whole. So we’ve got solution sets out in the marketplace, do not be going to work every day with your staff, putting you and your company, your clients data, and your customers at risk because you don’t understand what we’re talking about. Just give us a call, we’ll help you figure this out, we’ll help make sure that your people are secure, that your data is secure. And as Jim said, regardless of where they’re at, you know, regardless of how they’re getting there and regardless of where that data is, security needs to be first and foremost. So that’s my final cents. Lauren, let’s close it out and go around the room.

Lauren Lev
Perfect. Okay, Frank. Any last thoughts?

Frank DePrisco
Yeah, maybe this is more for you, Matt, Lauren and Eric. One of the focuses we have, one of our goals this year at ConnectWise is to make our products more secure. And last year, we wrote comprehensive implementation guides for Control, Manage and Automate using stakes from the Department of Defense on how to lock down even the servers as you’re installing the software. And we met this week with our cybersecurity Advisory Council, who’s made up of strong, secure MSPs that are partners, for a week and put together what we’re calling best practices guides for implementing these products. And we’re gonna have the first of those put together and announced that our IT nation secure conference in June. So we’re spending a lot of time, especially my team, as we’ve come over to ConnectWise three years ago into making our products more secure, so that our partners and your customers can use them and have less to worry about. So I just wanted to mention that.

Matt Tankersley
Love it and we’re grateful for that. You guys have always been great leaders in enabling us to be smarter and deliver better service. And Eric, I saw your eyes light up when he said IT Nation in June. So I got a feeling you’ll see some TechOnPurpose T-shirts running around over there.

Frank DePrisco
It’s at the Gaylord palms in Orlando. So it should be fun.

Lauren Lev
All right. Andrew, final thoughts?

Andrew Griffin
I just want to say thanks again, for having me on. And just final thoughts are to keep security top of mind. And, you know, be proactive, don’t be retroactive and be in control of your company data. That’s what this is all about. Don’t wait till you have to.

Lauren Lev
Jim, anything else to add?

Jim Bowers
I was trying to find- because like getting older, I swear there’s a button on your butt. Because if you stand up, you forget stuff and then when you sit back down, you remember it again. Since you said I was published, I was trying to find the exact words about you know how threat actors are like the weather, it’s going to keep coming. Right? And the reality of the situation is, there’s nothing we’re going to do about it. I want businesses to understand that we all throw around all these great acronyms and make us sound really smart. I must say I’m gonna give props to Andrew, you got a big future in front of you, you are smart, you get it and you deliver it very well. So keep being true to yourself because you’re gonna do great. It’s that we complicate it and the reality of it is that’s what they want us to do. They want us to overcomplicate it, it’s a win-win for them. But we can all change that by great companies like you working together collaborating. Threat actors collaborate, we’re starting to share threat intel. That’s huge, right? So we can do it. It’s just- keep focused on the main thing and that’s that data and everything else will fall around it but I think that’s it. Unless you found that article.

Lauren Lev
I do have it. I have your quote. “Threat actors are like the weather. Regardless of your desires, they will continue. It’s completely outside of anyone’s control.” -Jim Bowers

Jim Bowers
It’s forums like this to get the creative juices. Andrew, I love working there, I want to do some more stuff with you. It’s just, this is such a good format, and great stuff comes out of this. So it’s great. Thanks for the opportunity.

Eric Cole
Malicious actors and all this community of hacking and doing these bad things, that’s a community of people sharing bad stuff. We’ve got to share the good stuff.

Jim Bowers
There you go. You nailed it and they leverage that. When I worked in secure work, they started to do that. And I think we’re gonna see more and more of that. But it’s stuff like this that educates. It changes the tide for the SMB space, to compete and get the technology they need in place. So I’m gonna tell you what, guys, that’s where they’re going after. Because they know it’s easy picking. We all want the elephants, but threat actors are like salespeople. Everybody tells me I got to stop saying that, but I love saying it. You’ll go for the elephant, but 80% of your revenue is made up from the small stuff. Threat actors are the same way. But same for this format. It’s awesome. You guys rock.

Matt Tankersley
You guys all rock, man. I think that’s an episode 15 wrap. Lauren, if you want to close this out, I think Jim might have a deep fake video for you.

Lauren Lev
All right, well that is 15 down. Six to go on our journey of 21 steps to secure reliable trusted technology. So check out this episode and all of our episodes on LinkedIn, YouTube, Facebook, and Spotify, or get them delivered straight to your inbox by signing up at TechOnPurpose.net/blog. To start a free trial from ConnectWise or Cisco, send an email to and you can sign up for our free cybersecurity risk assessment at WhosInYour.Cloud. Next week we’re switching gears to server backups and BCDR. While most small businesses may not have the same IT budget as larger enterprises, the risks facing their businesses data are the same. Data backup solutions come in all different flavors, like Andrew said earlier, but our cybersecurity experts next week will help you decide which data solution best fits your business. So join us back here next week. Bye, thanks everybody!

 

Ready for your free cybersecurity survey? Discover potential vulnerabilities for your business and get a copy of our #TOPcyber21 Best Security Practices to help get you started on the road to #secure, reliable, trusted technology! Subscribe to our blog to get episodes of “Who’s In Your Cloud?” delivered direct to your inbox weekly.
Claim Your Free Cybersecurity Sruvey