The Remote Red Room: The First Defense in Corporate Security

The Remote Red Room: The First Defense in Corporate Security

  • By Sam Rehman
  • Sep 14, 2020

When organizations began sending employees home in early 2020, it’s likely that few realized just how long their workforces would remain remote or how security risks would increase right along with it. However, the new security realities quickly became clear. Organizations small to large have been impacted, with some of the world’s largest companies taking the biggest hits. At the end of March, Marriott reported that more than 5.2 million guest records had been compromised by a hacker using the logins of two employees at a franchise property. It is the second breach in 18 months, with the first affecting over half a billion people. In early April, Zoom learned that hackers had obtained half a million user passwords and were selling them on the dark web. And, in July, the Twitter account of celebrities including Barack Obama, Bill Gates and Elon Musk were accessed by hackers who convinced company employees to give them access to the customer service portal.

Now that millions will continue working remotely for an unknown number of months to come, protecting the entire organization from security threats is an emergent priority.

Remote work is nothing new, but the recent scale of it is. Many companies and their employees were unprepared for such an abrupt shift—one that has dramatically changed network and enterprise boundaries. According to findings from a July TrendMicro survey of 13,200 remote workers across 27 countries, more than half are using a non-work app on a corporate device, with 66% indicating they have uploaded corporate data to it. Ironically, employees are more likely to download an app than open an unknown email, but apps can be just as insecure and malicious. In fact, Google Play store has discovered and removed more than 1,700 apps infected with the notorious Joker malware since 2017, but it continues to spread. This trusting behavior is often reflective of a false sense of security, where workers assume that company filters are actively defending their personal Wi-Fi and home environment while providing end-to-end encryption of data sent. When this mindset is left unaddressed, employees unwittingly expose sensitive employee and client data to nefarious actors.

Trust nothing and verify everything
As they chart a path toward securing the entire remote-work ecosystem, many organizations have turned to a zero-trust approach. This applies to people, computers, networks and platforms. While some use remote monitoring tools that track employee idle time and browsing, the zero-trust approach prioritizes safeguarding data. And for good reason. Digital is everywhere and underpins everything related to how we work, communicate and innovate. Particularly for companies making the transformation, the ecosystem becomes increasingly complex. With the threat landscape expanding exponentially, enterprises must take a more holistic approach to security that includes proactive protection, pervasive defense, actionable intelligence, and rapid response.

To help organizations work from anywhere and still maintain the necessary security posture, EPAM created the Remote Red Room. Recognizing that physical relocation from a hardened commercial facility (ODC) to an individual’s home naturally results in decreased overall security (if controls remain unchanged), the system is designed to provide verification for the binding between a physical identity and an employee’s access identity. It is similar to traditional onsite Yellow (medium security) and Red Rooms (high security), which are important when dealing with sensitive data that links to an individual’s financial, health, educational or employment information. Though not very well-known concepts outside of specific industries, these secure data rooms ensure levels of compliance and security are enforced and monitored for anyone entering, with Red the highest.

Characteristics of a traditional on-site Yellow Room:

  • Optional: Video surveillance for entry/exit
  • Optional: Corporate mobile phones only (no cameras)
  • Optional: Remote identification (security officer) for each person entering the room
  • Optional: Verification for the binding between a physical identification and the access identity

Characteristics of a traditional on-site Red Room:

  • All optional items for the yellow-zone setup are mandatory
  • Security officer controls in person entry/exit
  • Full video surveillance off the working area
  • Optional: No cell phones
  • Optional: Personal search/metal detector
  • Optional: Color/Numbered paper if printing is required
  • Optional: RF Shield (smaller rooms)

Characteristics of the Remote Red Room
The Remote Red Room moves workstation controls to a contained virtual desktop (VDI) environment, with enhanced hardware standards enforced by technical controls and monitoring. The binding between VDI, plus image verification and other behavioral analytics is key. As a result, common home network hardware risks are minimized. Here’s how it works:

Utilizing machine learning and a mounted wide-angle camera, the system must recognize the person in front of the computer screen or will be denied access. If an unknown person appears in the visual line of sight, access is blocked, or the system shuts down. The same actions occur if the authorized person takes out a phone or places unknown papers on the desk. Additionally, snapshots are taken and sent to a manager or administrator who will further assesses the risks.

In certain sectors—especially insurance, medical and finance where confidential information makes up the bulk of data—the Red Room is widely known as a more secure space for conducting business or transactions. The Remote Red Room controls provides a critical set of controls to mitigate a set of risk introduced when the end points are remote or mobile. And when normal operations resume, whether that means a return to office or a hybrid model, these enhanced controls can be layered on top of any existing ODC environment and provide additional value.

Considering the current challenges that organizations of all sizes and in all industries face, the Remote Red Room affords an essential layer of security that may not have been necessary in many sectors before the pandemic. It can also help safeguard employees from unintentional mis-steps and errors, as well as cybercrime. As more companies realize the potential of a flexible and distributed workforce, new ways to ensure safety will contribute to bolstering both productivity and security.

Featured

  • The Yellow Brick Road

    The road to and throughout Wednesday's and Thursday's ISC West was crowded but it was amazing. Read Now

    • Industry Events
    • ISC West

  • An Inside Look From Napco at ISC West

    Get a look into the excitement at ISC West 2025 from Napco. Hear from some of their top-tech executives live from the show floor. Read Now

    • Industry Events
    • ISC West

  • Upping the Ante

    I am not a betting man in terms of cards, dice, blackjack or that wheel with the black marble racing around the circumference of a spinning wheel, but I would bet on the success of ISC West this year. Read Now

    • Industry Events
    • ISC West

  • It's Show Time

    I am one of those people that likes to see things get bigger and better. As advertised, ISC West is going to be bigger (more exhibitors) and better (more attendees). It’s show time in Las Vegas. Read Now

    • Industry Events
    • ISC West
Most   Popular

New Products

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.