Remote Access policy - Security Architecture

Remote access is the ability to access a computer or network from a remote location. It can be used to allow users to access systems and data that they would not otherwise be able to access, or to allow authorized users to access systems and data from outside the normal security perimeter.  In a security architecture, remote access can play an important role in creating a layered defense. By allowing authorized users to access systems and data from outside the normal security perimeter, it can help to create a buffer between the internal network and the outside world. This can make it more difficult for unauthorized users to gain access to sensitive information, and can help to prevent data breaches. 

Remote Access

A remote access policy serves as a guide for remote users connecting to the network. It extends the policies governing network and computer use in the office. It helps ensure that only those users who need it are given network access, as long as their devices are also compliant with the guidelines. When implemented properly, it helps safeguard the network from potential security threats.

A remote access policy should cover everything—from the types of users who can be given network access from outside the office to device types that can be used when connecting to the network. Once written, employees must sign a remote access policy acceptance form. Strict implementation is a must, and it can be enforced through a combination of automated and manual techniques. While studies have shown that organizations can benefit immensely from remote work, it is also true that the trend poses some serious security challenges for IT departments. Some users, especially those who are not tech-savvy, may take the need to connect securely to the internal network from outside the office for granted, placing the network at risk with potentially harmful behavior. If a remote access policy is not in place, such risky behavior could go on unmitigated, without the organization finding out about it until after the occurrence of a breach.

With a comprehensive remote access policy, employees are made aware of the need to safeguard the network using best practices. Couple that with effective enforcement, and threats from unsafe employee behavior can be virtually eliminated. Authorized users are bound to follow the remote access policy, with erring employees facing sanctions.

Remote Access Using AWS Workspaces :

AWS Workspace enables you to provision virtual, cloud-based Microsoft Windows or Amazon Linux desktops for your users, known as WorkSpaces and eliminates the need to procure and deploy hardware or install complex software. You can quickly add or remove users as your needs change. Users can access their virtual desktops from multiple devices or web browsers.Understand: BYOD/BYOL; Desktop as a Service

To RDP outside of the network, you must provide internet access from your WorkSpace by assigning an Elastic IP address to each WorkSpace. If you use a network address

translation (NAT) gateway, then you can RDP from within the network.