The Remote Red Room: The First Defense in Corporate Security -- Security Today

The Remote Red Room: The First Defense in Corporate Security

By Sam Rehman
Sep 14, 2020

When organizations began sending employees home in early 2020, it’s likely that few realized just how long their workforces would remain remote or how security risks would increase right along with it. However, the new security realities quickly became clear. Organizations small to large have been impacted, with some of the world’s largest companies taking the biggest hits. At the end of March, Marriott reported that more than 5.2 million guest records had been compromised by a hacker using the logins of two employees at a franchise property. It is the second breach in 18 months, with the first affecting over half a billion people. In early April, Zoom learned that hackers had obtained half a million user passwords and were selling them on the dark web. And, in July, the Twitter account of celebrities including Barack Obama, Bill Gates and Elon Musk were accessed by hackers who convinced company employees to give them access to the customer service portal.

Now that millions will continue working remotely for an unknown number of months to come, protecting the entire organization from security threats is an emergent priority.

Remote work is nothing new, but the recent scale of it is. Many companies and their employees were unprepared for such an abrupt shift—one that has dramatically changed network and enterprise boundaries. According to findings from a July TrendMicro survey of 13,200 remote workers across 27 countries, more than half are using a non-work app on a corporate device, with 66% indicating they have uploaded corporate data to it. Ironically, employees are more likely to download an app than open an unknown email, but apps can be just as insecure and malicious. In fact, Google Play store has discovered and removed more than 1,700 apps infected with the notorious Joker malware since 2017, but it continues to spread. This trusting behavior is often reflective of a false sense of security, where workers assume that company filters are actively defending their personal Wi-Fi and home environment while providing end-to-end encryption of data sent. When this mindset is left unaddressed, employees unwittingly expose sensitive employee and client data to nefarious actors.

Trust nothing and verify everything
As they chart a path toward securing the entire remote-work ecosystem, many organizations have turned to a zero-trust approach. This applies to people, computers, networks and platforms. While some use remote monitoring tools that track employee idle time and browsing, the zero-trust approach prioritizes safeguarding data. And for good reason. Digital is everywhere and underpins everything related to how we work, communicate and innovate. Particularly for companies making the transformation, the ecosystem becomes increasingly complex. With the threat landscape expanding exponentially, enterprises must take a more holistic approach to security that includes proactive protection, pervasive defense, actionable intelligence, and rapid response.

To help organizations work from anywhere and still maintain the necessary security posture, EPAM created the Remote Red Room. Recognizing that physical relocation from a hardened commercial facility (ODC) to an individual’s home naturally results in decreased overall security (if controls remain unchanged), the system is designed to provide verification for the binding between a physical identity and an employee’s access identity. It is similar to traditional onsite Yellow (medium security) and Red Rooms (high security), which are important when dealing with sensitive data that links to an individual’s financial, health, educational or employment information. Though not very well-known concepts outside of specific industries, these secure data rooms ensure levels of compliance and security are enforced and monitored for anyone entering, with Red the highest.

Characteristics of a traditional on-site Yellow Room:

Optional: Video surveillance for entry/exit
Optional: Corporate mobile phones only (no cameras)
Optional: Remote identification (security officer) for each person entering the room
Optional: Verification for the binding between a physical identification and the access identity

Characteristics of a traditional on-site Red Room:

All optional items for the yellow-zone setup are mandatory
Security officer controls in person entry/exit
Full video surveillance off the working area
Optional: No cell phones
Optional: Personal search/metal detector
Optional: Color/Numbered paper if printing is required
Optional: RF Shield (smaller rooms)

Characteristics of the Remote Red Room
The Remote Red Room moves workstation controls to a contained virtual desktop (VDI) environment, with enhanced hardware standards enforced by technical controls and monitoring. The binding between VDI, plus image verification and other behavioral analytics is key. As a result, common home network hardware risks are minimized. Here’s how it works:

Utilizing machine learning and a mounted wide-angle camera, the system must recognize the person in front of the computer screen or will be denied access. If an unknown person appears in the visual line of sight, access is blocked, or the system shuts down. The same actions occur if the authorized person takes out a phone or places unknown papers on the desk. Additionally, snapshots are taken and sent to a manager or administrator who will further assesses the risks.

In certain sectors—especially insurance, medical and finance where confidential information makes up the bulk of data—the Red Room is widely known as a more secure space for conducting business or transactions. The Remote Red Room controls provides a critical set of controls to mitigate a set of risk introduced when the end points are remote or mobile. And when normal operations resume, whether that means a return to office or a hybrid model, these enhanced controls can be layered on top of any existing ODC environment and provide additional value.

Considering the current challenges that organizations of all sizes and in all industries face, the Remote Red Room affords an essential layer of security that may not have been necessary in many sectors before the pandemic. It can also help safeguard employees from unintentional mis-steps and errors, as well as cybercrime. As more companies realize the potential of a flexible and distributed workforce, new ways to ensure safety will contribute to bolstering both productivity and security.

Honeywell Makes Strategic Tuck-in Acquisition of Li-ion Tamer
07/01/2025
Defining SASE at the Largest Consumer Electronics Chain in the Nordics
06/26/2025
Elite Interactive Receives Strategic Investment from CIVC Partners
06/26/2025
ProdataKey’s Emergency Response Integrations: Integrated Access Control Made Easy
06/25/2025
Eagle Eye Networks Enhances Partner Program to Accelerate Reseller Growth
06/24/2025
Altronix POE367 Delivers 277VAC Support at Remote Locations
06/18/2025
ONVIF, C2PA Announce Collaboration to Strengthen Trust in Digital Video
06/18/2025
Acre Security Confirms Kumar Sokka as CEO to Lead Next Phase of Growth
06/16/2025

Featured

Video Surveillance Trends to Watch

With more organizations adding newer capabilities to their surveillance systems, it’s always important to remember the “basics” of system configuration and deployment, as well as the topline benefits of continually emerging technologies like AI and the cloud. Read Now
- Video Surveillance
New Report Reveals Top Trends Transforming Access Controller Technology

Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now
- Access Control
Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now
- Cybersecurity
ASIS International Introduces New ANSI-Approved Investigations Standard
- Guard Services
Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now
- Cybersecurity

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

EasyGate SPT SPD

Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.
ResponderLink

Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.
4K Video Decoder

3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.