Would You Like to Play a Game? ft. Bryon Singh, RailWorks Corporation

Would You Like to Play a Game? ft. Bryon Singh, RailWorks Corporation

By Steve Gold
Posted in Security
On October 31, 2023

One of my favorite movies is WarGames. If you haven’t seen it, stop reading immediately cause I’m going to spoil it for you.

In the movie, David Lightman (played by Mathew Broderick) uses a technique called wardialing, where his computer dials every phone number in a given area to find a modem at the other end. David discovers a modem for a military supercomputer aka WOPR (War Operation Plan Response, because everything needs an acronym). Once he's connected, he relies on easily guessable passwords, combined with knowledge of the developer's personal life (like the name of the developer's deceased son), to gain unauthorized entry.

Now, let's relate this to multi-factor authentication (MFA). If the military supercomputer had a form of MFA in place, David's knowledge of a password or personal details alone wouldn't have been enough. He would've needed another form of verification - be it a physical token, an SMS code, or another biometric form of ID - to gain access.

The ability to access corporate networks from anywhere in the world has revolutionized the way businesses operate. Employees can collaborate across continents, respond to client needs in real-time, and maintain productivity even when they can't physically be in the office.

Yet, this convenience poses a significant challenge: How can businesses ensure that the individuals accessing their networks remotely are who they say they are? You guessed it, MFA.

In the era of remote and hybrid work, network security is more vital than ever. Cyber professionals must not only protect data but also ensure secure access. Enter CIS Safeguard 6.4, which mandates MFA for remote network connections. This isn't just a password; it's an added security step, like a one-time code or biometric check. Building on the previous CIS Safeguard 6.3, which focuses on MFA for external applications, 6.4 further strengthens the network's defenses.

Why is CIS Safeguard 6.4 Crucial in Today's Context?

  1. The Surge of Remote Work:

The COVID-19 pandemic dramatically accelerated the adoption of remote work, transforming it from an occasional perk to a standard operating model for many organizations. This shift expanded the network perimeter, making MFA essential to ensure that every remote access point is secure.

  1. Diversified Threat Landscape:

With an increase in remote access points, threat actors have more potential entry points. MFA acts as an added barrier, making unauthorized access substantially more challenging.

  1. Safeguarding Sensitive Data:

For organizations handling sensitive data, any breach could result in severe financial and reputational consequences. MFA for remote network access ensures an added layer of protection for such critical data.

Implementation Considerations for Cyber Professionals:

  1. User Training:

While MFA enhances security, it also introduces an additional step for users. Proper training and clear communication regarding the importance and procedures of MFA can ease the transition.

  1. Scalable Solutions:

The MFA solution chosen should be scalable, considering the potential growth in the number of remote users and the array of devices they might use.

  1. Continuous Monitoring:

Implementing MFA is not a one-off task. Continuous monitoring and regular updates ensure that the MFA solution in place remains effective against evolving threats.

 

Here’s a link to the Account and Credential Management Policy Template for CIS Controls 5 and 6 provided free of charge from the fine folks at the Center for Internet Security: https://www.cisecurity.org/insights/white-papers/account-and-credential-management-policy-template-for-cis-controls-5-and-6

Here’s some detail on this specific Control/Safeguard. If you want more detail, DM me.

CIS Control 6 – Access Control Management

Use processes and tools to create, assign, manage, and revoke access credentials and privileges for users, administrators, and service accounts for enterprise assets and software.

Implementation Group 1

CIS Safeguard 6.4 - Require MFA for Remote Network Access

Require MFA for remote network access

Steve Gold

Steve Gold

Steve Gold is the Cybersecurity Practice Director at Gotham Technology Group (Gotham). He is responsible for providing the vision and thought leadership to expand Gotham’s legacy of success and build a world-class cybersecurity practice. He works closely with Gotham’s customers, industry partners, and subject matter experts to develop relevant solutions for Gotham’s clients and prospects.

Prior to joining Gotham, Steve worked with the Center for Internet Security (CIS), where he expanded the global reach, revenue, and impact of the CIS Benchmarks, CIS Controls, and CIS Hardened Images. He led the efforts to promote the CIS portfolio of low-cost and no-cost cybersecurity products and services that help private and public organizations stay secure in the connected world. He grew a team of security specialists from 12 to over 40 to assist organizations with implementing security best practices in their continual journey of cybersecurity maturity.

During his more than 20-year career, Steve led teams responsible for developing and implementing technology solutions at some of the industry’s most recognized companies such as Varonis, VMware, Dell & Wyse Technology

Steve is a frequent speaker/moderator at industry conferences and webinars, covering a wide array of information security topics. He resides and works remotely in Baltimore, MD.