The Remote Red Room: The First Defense in Corporate Security -- Security Today

The Remote Red Room: The First Defense in Corporate Security

By Sam Rehman
Sep 14, 2020

When organizations began sending employees home in early 2020, it’s likely that few realized just how long their workforces would remain remote or how security risks would increase right along with it. However, the new security realities quickly became clear. Organizations small to large have been impacted, with some of the world’s largest companies taking the biggest hits. At the end of March, Marriott reported that more than 5.2 million guest records had been compromised by a hacker using the logins of two employees at a franchise property. It is the second breach in 18 months, with the first affecting over half a billion people. In early April, Zoom learned that hackers had obtained half a million user passwords and were selling them on the dark web. And, in July, the Twitter account of celebrities including Barack Obama, Bill Gates and Elon Musk were accessed by hackers who convinced company employees to give them access to the customer service portal.

Now that millions will continue working remotely for an unknown number of months to come, protecting the entire organization from security threats is an emergent priority.

Remote work is nothing new, but the recent scale of it is. Many companies and their employees were unprepared for such an abrupt shift—one that has dramatically changed network and enterprise boundaries. According to findings from a July TrendMicro survey of 13,200 remote workers across 27 countries, more than half are using a non-work app on a corporate device, with 66% indicating they have uploaded corporate data to it. Ironically, employees are more likely to download an app than open an unknown email, but apps can be just as insecure and malicious. In fact, Google Play store has discovered and removed more than 1,700 apps infected with the notorious Joker malware since 2017, but it continues to spread. This trusting behavior is often reflective of a false sense of security, where workers assume that company filters are actively defending their personal Wi-Fi and home environment while providing end-to-end encryption of data sent. When this mindset is left unaddressed, employees unwittingly expose sensitive employee and client data to nefarious actors.

Trust nothing and verify everything
As they chart a path toward securing the entire remote-work ecosystem, many organizations have turned to a zero-trust approach. This applies to people, computers, networks and platforms. While some use remote monitoring tools that track employee idle time and browsing, the zero-trust approach prioritizes safeguarding data. And for good reason. Digital is everywhere and underpins everything related to how we work, communicate and innovate. Particularly for companies making the transformation, the ecosystem becomes increasingly complex. With the threat landscape expanding exponentially, enterprises must take a more holistic approach to security that includes proactive protection, pervasive defense, actionable intelligence, and rapid response.

To help organizations work from anywhere and still maintain the necessary security posture, EPAM created the Remote Red Room. Recognizing that physical relocation from a hardened commercial facility (ODC) to an individual’s home naturally results in decreased overall security (if controls remain unchanged), the system is designed to provide verification for the binding between a physical identity and an employee’s access identity. It is similar to traditional onsite Yellow (medium security) and Red Rooms (high security), which are important when dealing with sensitive data that links to an individual’s financial, health, educational or employment information. Though not very well-known concepts outside of specific industries, these secure data rooms ensure levels of compliance and security are enforced and monitored for anyone entering, with Red the highest.

Characteristics of a traditional on-site Yellow Room:

Optional: Video surveillance for entry/exit
Optional: Corporate mobile phones only (no cameras)
Optional: Remote identification (security officer) for each person entering the room
Optional: Verification for the binding between a physical identification and the access identity

Characteristics of a traditional on-site Red Room:

All optional items for the yellow-zone setup are mandatory
Security officer controls in person entry/exit
Full video surveillance off the working area
Optional: No cell phones
Optional: Personal search/metal detector
Optional: Color/Numbered paper if printing is required
Optional: RF Shield (smaller rooms)

Characteristics of the Remote Red Room
The Remote Red Room moves workstation controls to a contained virtual desktop (VDI) environment, with enhanced hardware standards enforced by technical controls and monitoring. The binding between VDI, plus image verification and other behavioral analytics is key. As a result, common home network hardware risks are minimized. Here’s how it works:

Utilizing machine learning and a mounted wide-angle camera, the system must recognize the person in front of the computer screen or will be denied access. If an unknown person appears in the visual line of sight, access is blocked, or the system shuts down. The same actions occur if the authorized person takes out a phone or places unknown papers on the desk. Additionally, snapshots are taken and sent to a manager or administrator who will further assesses the risks.

In certain sectors—especially insurance, medical and finance where confidential information makes up the bulk of data—the Red Room is widely known as a more secure space for conducting business or transactions. The Remote Red Room controls provides a critical set of controls to mitigate a set of risk introduced when the end points are remote or mobile. And when normal operations resume, whether that means a return to office or a hybrid model, these enhanced controls can be layered on top of any existing ODC environment and provide additional value.

Considering the current challenges that organizations of all sizes and in all industries face, the Remote Red Room affords an essential layer of security that may not have been necessary in many sectors before the pandemic. It can also help safeguard employees from unintentional mis-steps and errors, as well as cybercrime. As more companies realize the potential of a flexible and distributed workforce, new ways to ensure safety will contribute to bolstering both productivity and security.

Featured

Survey: Nearly Half of Employees Hide Workplace AI Use

Laserfiche, a SaaS provider of intelligent content management and business process automation, recently released new survey findings on AI adoption in the workplace, revealing that nearly half of Americans (49%) who use AI at work keep it to themselves, with 15% deliberately avoiding telling their manager. Read Now
- Artificial Intelligence
- Cybersecurity
46% of Enterprise Passwords Are Vulnerable to Cracking

Picus Security recently released The Blue Report™ 2025, based on more than 160 million real-world attack simulations. Now in its third year, the report provides a data-driven assessment of how well security controls perform against today’s threats — and this year’s findings are the most concerning to date. Read Now
- Cybersecurity
Community-Led Video Security Network Transforms Pennsylvania City Public Safety

A community-supported video security initiative has transformed public safety in Lancaster, Pennsylvania. The citizen-led collaboration demonstrates how open platform video technology can help revitalize struggling urban areas. Read Now
- Government
Browser-Based AI Agents: The Silent Security Threat Unfolding

Some of the most revolutionary advances in artificial intelligence include browser-based AI agents, which are self-sustaining software tools integrated into web browsers that act on behalf of individuals. Read Now
- Cybersecurity
Report: Cybercriminals Abandon Tech Tricks for Personalized Email Deception Tactics

VIPRE Security Group, a cybersecurity, privacy, and data protection company, has released its email threat landscape report for Q2 2025. Through an examination of worldwide real-world data, this report sounds the alarm on the most significant email security trends observed in the second quarter of 2025, enabling organizations to develop effective email security defenses for the remainder of the year. Read Now
- Cybersecurity

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

Luma x20

Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”
ResponderLink

Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.
A8V MIND

Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.