The Remote Red Room: The First Defense in Corporate Security

When organizations began sending employees home in early 2020, it’s likely that few realized just how long their workforces would remain remote or how security risks would increase right along with it. However, the new security realities quickly became clear. Organizations small to large have been impacted, with some of the world’s largest companies taking the biggest hits. At the end of March, Marriott reported that more than 5.2 million guest records had been compromised by a hacker using the logins of two employees at a franchise property. It was the company’s second breach in 18 months, with the first affecting over half a billion people. In early April, Zoom learned that hackers had obtained half a million user passwords and were selling them on the dark web. And, in July, the Twitter accounts of celebrities including Barack Obama, Bill Gates and Elon Musk were accessed by hackers who convinced company employees to give them access to the customer service portal.

Now that millions will continue working remotely for an unknown number of months to come, protecting the entire organization from security threats is an emergent priority.

Remote work is nothing new, but the recent scale of it is. Many companies and their employees were unprepared for such an abrupt shift—one that has dramatically changed network and enterprise boundaries. According to findings from a July Trend Micro survey of 13,200 remote workers across 27 countries, more than half are using a non-work app on a corporate device, with 66% indicating they have uploaded corporate data to it. Ironically, employees are more likely to download an app than open an unknown email, but apps can be just as insecure and malicious. In fact, the Google Play store has discovered and removed more than 1,700 apps infected with the notorious Joker malware since 2017, but it continues to spread. This trusting behavior often reflects a false sense of security, where workers assume that company filters are actively defending their personal Wi-Fi and home environment while providing end-to-end encryption of data sent. When this mindset is left unaddressed, employees unwittingly expose sensitive employee and client data to nefarious actors.

Trust nothing and verify everything
As they chart a path toward securing the entire remote-work ecosystem, many organizations have turned to a zero-trust approach. This applies to people, computers, networks and platforms. While some use remote monitoring tools that track employee idle time and browsing, the zero-trust approach prioritizes safeguarding data. And for good reason. Digital is everywhere and underpins everything related to how we work, communicate and innovate. Particularly for companies making the transformation, the ecosystem becomes increasingly complex. With the threat landscape expanding exponentially, enterprises must take a more holistic approach to security that includes proactive protection, pervasive defense, actionable intelligence, and rapid response.

To help organizations work from anywhere and still maintain the necessary security posture, EPAM created the Remote Red Room. Recognizing that physical relocation from a hardened commercial facility (ODC) to an individual’s home naturally results in decreased overall security (if controls remain unchanged), the system is designed to provide verification for the binding between a physical identity and an employee’s access identity. It is similar to traditional onsite Yellow (medium security) and Red Rooms (high security), which are important when dealing with sensitive data that links to an individual’s financial, health, educational or employment information. Though not very well-known concepts outside of specific industries, these secure data rooms ensure levels of compliance and security are enforced and monitored for anyone entering, with Red the highest.

Characteristics of a traditional on-site Yellow Room:

  • Optional: Video surveillance for entry/exit
  • Optional: Corporate mobile phones only (no cameras)
  • Optional: Remote identification (security officer) for each person entering the room
  • Optional: Verification for the binding between a physical identification and the access identity

Characteristics of a traditional on-site Red Room:

  • All optional items for the yellow-zone setup are mandatory
  • Security officer controls in-person entry/exit
  • Full video surveillance of the working area
  • Optional: No cell phones
  • Optional: Personal search/metal detector
  • Optional: Color/Numbered paper if printing is required
  • Optional: RF Shield (smaller rooms)

Characteristics of the Remote Red Room
The Remote Red Room moves workstation controls to a contained virtual desktop (VDI) environment, with enhanced hardware standards enforced by technical controls and monitoring. The binding between the VDI, image verification and other behavioral analytics is key. As a result, common home network hardware risks are minimized. Here’s how it works:

Utilizing machine learning and a mounted wide-angle camera, the system must recognize the person in front of the computer screen, or that person will be denied access. If an unknown person appears in the visual line of sight, access is blocked, or the system shuts down. The same actions occur if the authorized person takes out a phone or places unknown papers on the desk. Additionally, snapshots are taken and sent to a manager or administrator who will further assess the risks.

In certain sectors—especially insurance, medical and finance where confidential information makes up the bulk of data—the Red Room is widely known as a more secure space for conducting business or transactions. The Remote Red Room provides a critical set of controls to mitigate the risks introduced when the endpoints are remote or mobile. And when normal operations resume, whether that means a return to office or a hybrid model, these enhanced controls can be layered on top of any existing ODC environment and provide additional value.

Considering the current challenges that organizations of all sizes and in all industries face, the Remote Red Room affords an essential layer of security that may not have been necessary in many sectors before the pandemic. It can also help safeguard employees from unintentional missteps and errors, as well as cybercrime. As more companies realize the potential of a flexible and distributed workforce, new ways to ensure safety will contribute to bolstering both productivity and security.

