
3 Ways Remote Access Can Make or Break Obtaining Cyber Insurance

Cyber insurers are scrutinizing the exact state of your organization’s security posture before they issue a policy, and remote access has quite a bit to say about that.

A few years back, when cyber insurance policies were a new thing, it was a bit like the “wild west”, with no insurer truly having a grasp on how the insured organization’s state of cybersecurity readiness played a role in whether an attack would occur and, therefore, whether a claim would be made. But today’s insurers have taken steps to better understand where the sources of risk (that could cause them to need to pay out on a claim) are, with many of those risks coming from within your own environment.

Because of this, in the last year we saw massive increases in cyber insurance premiums for policies covering cyberattacks, and most cyber insurers expect this trend to continue, with 74% of them saying that an inability to accurately understand a customer’s security posture is having an impact on policy prices.

The severity and sophistication of attacks have resulted in underwriters more deeply scrutinizing an organization’s security posture to determine how much risk the organization itself adds to the equation. Some of the more common aspects of your cybersecurity that fall under scrutiny include specific technologies underwriters want to see in place.  

A recent article written by insurance brokerage firm Woodruff Sawyer lists six key security controls they continually see as being critical to insurers when they are considering whether to insure your organization.  Using the context of the security controls mentioned in that article, I want to cover three ways Remote Access can actually harm your chances of obtaining cyber insurance:

  • Remote Access Could Bypass Multi-Factor Authentication (MFA) – MFA is a key component cyber insurers want to see implemented. Most organizations that have MFA in place tend not to have it in place organization-wide, regardless of user, location, or method of connection. Remote Access is one of those methods that seems to fall behind when MFA is implemented. But let me be clear – purely on its own merits as a way to protect your organization, you need to have every last user across any method of connection using MFA, period. Then as you add in the need for cyber insurance, the more broadly your MFA is implemented, the lower your risk profile will appear to your cyber insurer. So, this applies to your use of Remote Access; anytime a user connects, there must be MFA in place as part of their authentication.
  • Remote Access Could Provide Access Despite Network Segmentation – One of the six key security controls is the segmenting of networks, subnets, etc. to help minimize the ability to laterally move during a cyberattack. Many organizations solely focus on productivity when implementing remote access, which may actually provide cross-segment access that could facilitate lateral movement. It’s important to think about any segmentation policies you have in place and ensure that any remote access solution you have in place adheres to the intent of those policies.
  • RDP-based Remote Access Isn’t Inherently Secure – Cyber insurers have a decent grasp on the general state of the use of RDP, stating “Organizations are encouraged to turn off RDP unless absolutely necessary. If RDP is needed at any point, the connection should be secured by a combination of a VPN and multi-factor authentication.” It’s not that RDP is bad; it’s that most implementations aren’t secure. It is possible to implement Remote Desktop Services (which exists separately from the built-in RDP access to Windows endpoints), but this requires additional work to install and configure. Additionally, RDP inherently doesn’t help address the security needed for specific types of connection scenarios – for example, even the Woodruff Sawyer folks see the need to augment an inbound RDP connection with a VPN. Your remote access needs to offer multiple methods of securing the authentication, the connection, and even the level of access granted via the remote session, creating its own defense-in-depth strategy that minimizes the possibility that someone can misuse your remote access in any of its possible scenarios within your organization.
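
The three checks above can be run against an inventory of your remote-access paths before an underwriter asks about them. The following is an added example, not code from the original article or from RealVNC; the record format, segment names, allowed crossing and addresses are all constructed for illustration.

```python
import ipaddress

# Constructed segmentation policy: segment name -> subnet (assumed values).
SEGMENTS = {
    "corp": ipaddress.ip_network("10.10.0.0/16"),
    "ot": ipaddress.ip_network("10.20.0.0/16"),
    "dmz": ipaddress.ip_network("192.0.2.0/24"),
}
# Segment pairs the (hypothetical) policy explicitly lets remote sessions cross.
ALLOWED_CROSSINGS = {("dmz", "corp")}

# Constructed inventory of remote-access paths (hypothetical record format).
PATHS = [
    {"name": "helpdesk-vnc", "proto": "vnc", "src": "10.10.4.7", "dst": "10.10.9.30", "mfa": True, "vpn": False},
    {"name": "vendor-rdp", "proto": "rdp", "src": "internet", "dst": "10.20.1.5", "mfa": False, "vpn": False},
    {"name": "admin-rdp", "proto": "rdp", "src": "192.0.2.10", "dst": "10.10.2.2", "mfa": True, "vpn": True},
    {"name": "eng-jump", "proto": "vnc", "src": "10.10.4.9", "dst": "10.20.3.3", "mfa": True, "vpn": False},
]

def segment_of(addr):
    """Return the segment name for an address, or 'external' if none matches."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:  # not an IP literal, e.g. the string "internet"
        return "external"
    for name, net in SEGMENTS.items():
        if ip in net:
            return name
    return "external"

def audit(paths):
    """Map each path name to the list of findings raised against it."""
    report = {}
    for p in paths:
        findings = []
        src, dst = segment_of(p["src"]), segment_of(p["dst"])
        if not p["mfa"]:  # check 1: MFA on every remote connection
            findings.append("no-mfa")
        if src != dst and (src, dst) not in ALLOWED_CROSSINGS:  # check 2: segmentation
            findings.append(f"crosses-segments:{src}->{dst}")
        if p["proto"] == "rdp" and not (p["vpn"] and p["mfa"]):  # check 3: RDP needs VPN + MFA
            findings.append("rdp-without-vpn-and-mfa")
        report[p["name"]] = findings
    return report

if __name__ == "__main__":
    for name, findings in audit(PATHS).items():
        print(name, "OK" if not findings else ", ".join(findings))
```

A path with an empty findings list satisfies all three checks; anything else is a concrete item to fix or to document as an accepted exception before the insurer's questionnaire arrives.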

It’s important to know that insurers have different requirements that define what security measures, solutions, policies, etc. need to be in place in order to obtain coverage. So, both the referenced article and the recommendations above are – by no means – a comprehensive explanation of what your remote access, in essence, shouldn’t be doing in order to get coverage.  Instead, think of the three ways listed above as guidance around what you don’t want your remote access to be doing – both from a “we want to get a cyber insurance policy” standpoint, as well as “don’t you want your environment to be secure anyways?” standpoint.
