The Remote Red Room: The First Defense in Corporate Security

The Remote Red Room: The First Defense in Corporate Security

When organizations began sending employees home in early 2020, it’s likely that few realized just how long their workforces would remain remote or how security risks would increase right along with it. However, the new security realities quickly became clear. Organizations small to large have been impacted, with some of the world’s largest companies taking the biggest hits. At the end of March, Marriott reported that more than 5.2 million guest records had been compromised by a hacker using the logins of two employees at a franchise property. It is the second breach in 18 months, with the first affecting over half a billion people. In early April, Zoom learned that hackers had obtained half a million user passwords and were selling them on the dark web. And, in July, the Twitter account of celebrities including Barack Obama, Bill Gates and Elon Musk were accessed by hackers who convinced company employees to give them access to the customer service portal.

Now that millions will continue working remotely for an unknown number of months to come, protecting the entire organization from security threats is an emergent priority.

Remote work is nothing new, but the recent scale of it is. Many companies and their employees were unprepared for such an abrupt shift—one that has dramatically changed network and enterprise boundaries. According to findings from a July TrendMicro survey of 13,200 remote workers across 27 countries, more than half are using a non-work app on a corporate device, with 66% indicating they have uploaded corporate data to it. Ironically, employees are more likely to download an app than open an unknown email, but apps can be just as insecure and malicious. In fact, Google Play store has discovered and removed more than 1,700 apps infected with the notorious Joker malware since 2017, but it continues to spread. This trusting behavior is often reflective of a false sense of security, where workers assume that company filters are actively defending their personal Wi-Fi and home environment while providing end-to-end encryption of data sent. When this mindset is left unaddressed, employees unwittingly expose sensitive employee and client data to nefarious actors.

Trust nothing and verify everything
As they chart a path toward securing the entire remote-work ecosystem, many organizations have turned to a zero-trust approach. This applies to people, computers, networks and platforms. While some use remote monitoring tools that track employee idle time and browsing, the zero-trust approach prioritizes safeguarding data. And for good reason. Digital is everywhere and underpins everything related to how we work, communicate and innovate. Particularly for companies making the transformation, the ecosystem becomes increasingly complex. With the threat landscape expanding exponentially, enterprises must take a more holistic approach to security that includes proactive protection, pervasive defense, actionable intelligence, and rapid response.

To help organizations work from anywhere and still maintain the necessary security posture, EPAM created the Remote Red Room. Recognizing that physical relocation from a hardened commercial facility (ODC) to an individual’s home naturally results in decreased overall security (if controls remain unchanged), the system is designed to provide verification for the binding between a physical identity and an employee’s access identity. It is similar to traditional onsite Yellow (medium security) and Red Rooms (high security), which are important when dealing with sensitive data that links to an individual’s financial, health, educational or employment information. Though not very well-known concepts outside of specific industries, these secure data rooms ensure levels of compliance and security are enforced and monitored for anyone entering, with Red the highest.

Characteristics of a traditional on-site Yellow Room:

  • Optional: Video surveillance for entry/exit
  • Optional: Corporate mobile phones only (no cameras)
  • Optional: Remote identification (security officer) for each person entering the room
  • Optional: Verification for the binding between a physical identification and the access identity

Characteristics of a traditional on-site Red Room:

  • All optional items for the yellow-zone setup are mandatory
  • Security officer controls in person entry/exit
  • Full video surveillance off the working area
  • Optional: No cell phones
  • Optional: Personal search/metal detector
  • Optional: Color/Numbered paper if printing is required
  • Optional: RF Shield (smaller rooms)

Characteristics of the Remote Red Room
The Remote Red Room moves workstation controls to a contained virtual desktop (VDI) environment, with enhanced hardware standards enforced by technical controls and monitoring. The binding between VDI, plus image verification and other behavioral analytics is key. As a result, common home network hardware risks are minimized. Here’s how it works:

Utilizing machine learning and a mounted wide-angle camera, the system must recognize the person in front of the computer screen or will be denied access. If an unknown person appears in the visual line of sight, access is blocked, or the system shuts down. The same actions occur if the authorized person takes out a phone or places unknown papers on the desk. Additionally, snapshots are taken and sent to a manager or administrator who will further assesses the risks.

In certain sectors—especially insurance, medical and finance where confidential information makes up the bulk of data—the Red Room is widely known as a more secure space for conducting business or transactions. The Remote Red Room controls provides a critical set of controls to mitigate a set of risk introduced when the end points are remote or mobile. And when normal operations resume, whether that means a return to office or a hybrid model, these enhanced controls can be layered on top of any existing ODC environment and provide additional value.

Considering the current challenges that organizations of all sizes and in all industries face, the Remote Red Room affords an essential layer of security that may not have been necessary in many sectors before the pandemic. It can also help safeguard employees from unintentional mis-steps and errors, as well as cybercrime. As more companies realize the potential of a flexible and distributed workforce, new ways to ensure safety will contribute to bolstering both productivity and security.

Featured

  • Accelerating a Pathway

    There is a new trend touting the transformational qualities of AI’s ability to deliver actionable data and predictive analysis that in many instances, seems to be a bit of an overpromise. The reality is that very few solutions in the cyber-physical security (CPS) space live up to this high expectation with the one exception being the new generation of Physical Identity and Access Management (PIAM) software – herein recategorized as PIAM+. Read Now

  • Protecting Your Zones

    It is game day. You can feel the crowd’s energy. In the parking lot. At the gate. In the stadium. On the concourse. Fans are eager to party. Food and merchandise vendors ready themselves for the rush. Read Now

  • Street Smarts

    The ongoing acceptance of AI and advanced data analytics has allowed surveillance camera technology to shift from being a tactical tool to a strategic business solution. Combining traditional surveillance technology with AI-based data-driven insights can streamline transportation systems, enhance traffic management, improve situational awareness, optimize resource allocation and streamline emergency response procedures. Read Now

  • The Progress of Biometrics

  • Next-Gen AI for Smart Cities

    The future of smart city technology is not being shaped in Silicon Valley — it is taking root in Dubuque, Iowa. With a population of about 60,000, this mid-sized city has become a live testbed for AI-driven traffic management thanks to a unique public-private collaboration led by Milestone Systems. Project Hafnia demonstrates how cities can transform urban mobility and safety through Responsible Technology—without costly infrastructure overhauls. Read Now

New Products

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.