Check Point Blog

Aligning Secure Remote Access to NIST Guidelines

With 80% of security professionals scaling up their remote access infrastructure, per Check Point research, certain controls should be applied to ensure that security is not compromised. Below are key guidelines recommended by the National Institute of Standards and Technology (NIST) in supporting standard users, privileged administrators, BYOD and third parties.

Plan remote work-related security policies and controls based on the assumption that external environments contain hostile threats.

Develop a remote work security policy that defines telework, remote access, and BYOD requirements.

Ensure that remote access servers are secured effectively and are configured to enforce remote work security policies.

Secure organization-controlled remote work client devices against common threats and maintain their security regularly.

If external device use (e.g., BYOD, third-party controlled) is permitted within the organization’s facilities, strongly consider establishing a separate, external, dedicated network for this use with remote access policies.

NIST also recommends placing remote access servers at the network perimeter and defines four types of remote access methods:

Meeting NIST Guidelines with Check Point Corporate Access

Check Point Corporate Access redefines secure remote access with a simple, clientless remote access service that deploys in minutes. Based on a Software-Defined Perimeter (SDP) architecture, Check Point Corporate Access enables organizations to enforce a granular access policy that gives only the right people, in the right context, least-privileged access to the right resources, all while making the user experience a breeze.

To learn more, watch the webinar Securely Connect Remote Users with Clientless Zero Trust Corporate Access.

Check Point Corporate Access provides an innovative framework for supporting diverse users within and without the organization:

Clientless Remote Access for Third Parties

Removing the need to install and maintain a VPN client enables organizations to easily secure remote access for third parties such as consultants, contractors, partners and suppliers. Role-based controls allow administrators to easily provision and deprovision access to (and within) internal applications and limit access in both time and scope.

Clientless Remote Access for Employees

Eliminating network-layer risks, the service provides application-layer access with full authentication and authorization. Applications are accessed through any browser (including PC, Mac and mobile) via direct link or a user app portal.

Clientless Remote Access for DevOps

Engineering teams need to leverage the agility and flexibility of cloud-based development and production environments without compromising security. Using the cloud-native service, administrators can effortlessly provision and deprovision access to virtual machines, applications and services with granular role-based access profiles.

Privileged Access Management for Administrators and Engineers

By supporting a variety of protocols, Check Point Corporate Access enables secure access to databases (SQL), administration terminals (SSH) and remote desktops (RDP). Integrating with any Identity Provider, its lightweight Privileged Access Management (PAM) module offers built-in SSH server key management to ensure the security of an organization’s crown jewels.

Discover Clientless Access for Remote Workers

To learn more about clientless zero trust network access delivered as a service (ZTNAaaS), check out these resources:
