There are emerging tools and applications that can be used to determine whether devices trying to connect with the network have an acceptable level of protection. Products like the Cisco Security Agent or Trend Micro’s Network VirusWall device can be used to make sure that end-user devices have updated antivirus software and the appropriate patches installed and either redirect or block access from devices that are insecure. However, implementing solutions such as this can be costly and adds another technology to the task list of the administrator.
Remote access and interacting with networks of questionable security is a business necessity in many cases that can’t be avoided. Marcus Ranum concluded with “it's something to be worrying about. But it may be the case that the cost of worrying about it is literally too high to be worth it.”
The bottom line when it comes to remote access seems to be due diligence combined with education and policy. First, before allowing another network or a user to connect to your network you should do enough investigation and ask the right questions to feel comfortable that they have security software such as antivirus installed and that it is updated and that the network or computer system has the necessary patches and updates installed.
Dan Appleman agrees that education and policy are key for secure remote access. “The problem of remote access to the corporate network, like most security problems, is one of awareness and overall security practice.”
Allowing other networks and individuals to connect to your network is virtually unavoidable. Just make sure you exercise the appropriate level of caution and pay close attention to that back door. If all of your fingers are already in use its time to stick a toe in the remote access “leak in the dike.”
