The NIS2 Directive, effective since December 2022, establishes new cybersecurity standards for Europe, affecting various sectors. It highlights the importance of securing internet access for sensitive users such as CERT/CSIRT administrators and teams.
The organizations concerned (more than 50 employees with a turnover or annual balance sheet greater than 10 million euros) fall into two main categories: essential entities And the important entities, classified according to their degree of criticality. NIS 2 covers a wide range of sectors, thus extending its scope, compared to the previous directive, to the regulation of private entities and public administrations such as local authorities.
Sensitive users and cybersecurity according to NIS2
The NIS2 Directive imposes high standards for the security of networks and information systems, with particular emphasis on administration workstation security. These users require reinforced security measures to prevent the risk of cyberattacks on mobile admin computers or when connecting remotely.
Recommendations for administrative positions
For users such as administrators and CERT/CSIRT teams, specific architectures to secure Internet access are recommended, including dedicated or multi-level administration workstations. These recommendations suggest the following options:
- Dedicated administration station: Use of two separate posts for administrative and general tasks.
- Multi-level administration station: Use of virtualization technologies to separate environments on the same workstation.
- Secure remote access to office information systems: Remote connection for administrative tasks, requiring additional security measures.
Role of Remote Browser Isolation (RBI)
Remote Browser Isolation, like the one offered by VirtualBrowser, isolates Internet browsing in a remote and secure environment in order to prevent attacks through malicious websites or phishing links, thus reducing the risks of compromise.
This RBI technology therefore allows sensitive users, such as administrators, VIPs, and incident response teams, to access the Internet securely, limiting the direct exposure of their devices and networks to potential threats.
This approach is in line with these recommendations by partitioning administration environments in a completely watertight manner. The Remote Browser Isolation thus offers an additional layer of security for these sensitive workstations in terms of risk management, protection against emerging threats And of incident response.
VirtualBrowser allows our customers to significantly reduce their cost of ownership while improving the user experience of their system administrators, by eliminating the need to deploy and manage a second station.
When is it due?
With implementation no later than October 2024, the directive offers companies a period of time to adapt to these new requirements, time to be transposed into French law.
In conclusion, NIS2 marks a turning point in European cybersecurity, with major implications for businesses, especially for sensitive users. Adopting innovative technologies like Remote Browser Isolation is critical to ensuring compliance and strengthening security.
Get ready now to meet the challenges of tomorrow. Contact us to find out how RBI can secure your business.
Learn more:
- The full text of the law NIS Directive 2 available here
- Replay and presentation of the ANSSI webinar on the NIS2 directive and its national transposition