Remote access is a means of accessing resources outside oneâ??s immediate\nphysical location. This has made employee mobility more effective and productive\nfor most organizations. Remote access can be achieved via various\nchannels of remote communication, the most common being Virtual Private\nNetworks (VPNs). The demand for remote access is on the rise, especially\nduring the Covid-19 pandemic, and will continue to increase as most organizations\nare re-structuring to make telecommuting a permanent part of their\nmode of operation. Employee mobility, while presenting organizations with\nsome advantages, comes with the associated risk of exposing corporate cyber\nassets to attackers. The remote user and the remote connectivity technology\npresent some vulnerabilities which can be exploited by any threat agent to violate\nthe confidentiality, integrity and availability (CIA) dimensions of these\ncyber assets. So, how are users and remote devices authenticated? To what\nextent is the established connection secured? With employee mobility on the\nrise, it is necessary to analyze the user authentication role since the mobile\nemployee is not under the monitoring radar of the organization, and the environment\nfrom which the mobile employee connects may be vulnerable. In\nthis study, an experiment was setup to ascertain the user authentication roles.\nThe experiment showed the process of 2FA in user authentication and it\nproved to be an effective means of improving user authentication during remote\naccess. This was depicted via the use of what the user has (mobile\nphone/soft-token) as a second factor in addition to what the user knows, i.e.\npassword. This authentication method overcomes the security weaknesses\ninherent in single-factor user authentication via the use of password only.\nHowever, the results also showed that though 2FA user authentication ensures\nsecurity, the remote devices could exhibit further vulnerabilities and\npose serious risks to the organization. Thus, a varied implementation was\nrecommended to further enhance the security of remote access communication\nwith regards to the remote user authentication.
Loading....