Abstract
Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via various channels of remote communication, the most common being Virtual Private Networks (VPNs). The demand for remote access is on the rise, especially during the Covid-19 pandemic, and will continue to increase as most organizations are re-structuring to make telecommuting a permanent part of their mode of operation. Employee mobility, while presenting organizations with some advantages, comes with the associated risk of exposing corporate cyber assets to attackers. The remote user and the remote connectivity technology present some vulnerabilities which can be exploited by any threat agent to violate the confidentiality, integrity and availability (CIA) dimensions of these cyber assets. So, how are users and remote devices authenticated? To what extent is the established connection secured? With employee mobility on the rise, it is necessary to analyze the user authentication role since the mobile employee is not under the monitoring radar of the organization, and the environment from which the mobile employee connects may be vulnerable. In this study, an experiment was setup to ascertain the user authentication roles. The experiment showed the process of 2FA in user authentication and it proved to be an effective means of improving user authentication during remote access. This was depicted via the use of what the user has (mobile phone/soft-token) as a second factor in addition to what the user knows, i.e. password. This authentication method overcomes the security weaknesses inherent in single-factor user authentication via the use of password only. However, the results also showed that though 2FA user authentication ensures security, the remote devices could exhibit further vulnerabilities and pose serious risks to the organization. Thus, a varied implementation was recommended to further enhance the security of remote access communication with regards to the remote user authentication.
Highlights
Many businesses today are utilizing the Internet and its technologies as vital business tools than ever before [1]
The firewall is configured with Remote Authentication Dial-In User Service (RADIUS) server which points to the IP address of Microsoft Active Directory
This research work was able to demonstrate that 2FA enhances security of the user authentication role in remote access communications
Summary
Many businesses today are utilizing the Internet and its technologies as vital business tools than ever before [1]. Some opportunities businesses utilized include employee mobility via remote access technologies, improved production via enterprise resource planning technologies, competitive advantage via user-friendly and customer-focused products among others. Globalization has made employee mobility or telecommuting a necessary part of most organizations, and most companies have adopted mechanisms to allow staff effectively access corporate resources while away from the work premise. Remote impersonation attacks can be overcome by 2FA such that should a user’s password be stolen or guessed, the attacker would need to have access to the second factor such as the hardware token, the soft-token generated on the user’s phone, etc. The succeeding sections review literature relevant to the study, the methodological approach adopted for the study, the findings of the study presented to show packet capture information that will be relevant to a malicious actor and conclusions and recommendations offered
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
