You need to routinely assess and map out how your users are operating to provide the right security settings. Software monitoring of some sort is important to help you understand this, but so is actively seeing how your users make use of the platforms they are provided.
Are they leaving applications running active tasks for long periods of time? Do they open RDSH connections and then lock them before changing locations? Do they often rely on reconnecting to RDSH or VDI sessions so that they can "pick up where they left off?" Do they actually log out at the end of the day? This is another example of trying to strike a balance between user experience and security-how do you manage to provide an acceptable level of protection yet ensure that users don't get interrupted in their work processes? User profilingįirst, you need to understand your users' practices. This becomes even trickier in remote working scenarios, as you don't have any control of where the user is connecting from-it could be any public place with a WIFI connection.
There are many aspects to this "low-hanging fruit," but one of the more difficult ones to cover is how to lock a user's session after inactivity to ensure an attacker can't take advantage of an unattended workstation. It is very important to pay attention to the basic tenets of security to restrict an intruder's ability to penetrate deeper into the infrastructure. Missing basic security checkboxes can often result in data exfiltration, lateral movement, and privilege escalation, allowing attackers to gain a further foothold into networks and increase the scope of the compromise. In any environment, but particularly so in RDSH or virtual desktop solutions, making sure that the "low-hanging fruit" of security is picked off is particularly vital.
0 kommentar(er)
