Remote Access Technology: Improving Quality of Life at Work and at Home

Posted: 10th December 2013 by VPN Haus in Uncategorized
0

Recently, there’s been a lot of chatter surrounding an article on the “false dichotomy between work and luxury.” The author’s argument, that deferred living is negatively impacting happiness and quality of life for millions of people, and that embracing remote working policies could be the answer, is intriguing.

What exactly is meant by “deferred living?” Well, think of all the things that you’d love to be able to do – everything that people put off until retirement when (hopefully) they have enough money saved up and free time to do as they please. The reality is, however, that we never end up doing a great many of those things. Physical ailments, financial setbacks, familial obligations and a laundry list of other issues often prevent us from getting to do everything we want.

The author also points out that many people actually love to work and enjoy the sense of accomplishment they can achieve on a regular basis in their careers, but that there are things that dampen that positivity. Long and tedious commutes into and from work, whether by car or public transportation, are certainly no fun. Then, there is the non-stop parade of meetings and distractions that continuously pull you away from whatever momentum you’ve built on a particular project.

By embracing remote working, we can actually reinvigorate the workforce, reignite the creativity that long commutes and endless interruptions snuff out, and reimagine the way entire industries operate. Eliminating time wasted on travel, being able to connect to company servers from home through a secure VPN and customizing your workspace to improve your own productivity will make your work that much more enjoyable.

No longer do we have to toil away at work for four decades in order to be able to enjoy the luxuries of life later on, only to then find out we wasted all that time. We can enjoy the luxuries of life and find pride and happiness in our careers right now. We can work for the companies we want to work for and still be close to our families, enjoy warm and sunny weather while collaborating with colleagues who prefer to be near the ski slopes.

We often look at remote access technologies like VPNs through the lens of modern enterprise security concerns, and that is perfectly valid. But, it’s important to not forget the human element. The technologies at our disposal today mean that careers don’t necessarily have to dictate where or how we live our lives. We can enjoy both work and our personal lives without one impeding the other.

As more and more organizations come to realize that the old ways of thinking actually hinder their progress, remote working will no longer be an outlier. Companies won’t be limited to a pool of talent based on geography and whether or not top-level recruits are willing to relocate, and those individuals won’t feel like they have to choose between what’s right for their career and what’s right for their lives outside of work.

We’ll end this post with a quote from the article that inspired it:

“This is not going to stay a best-kept secret for long. Working without the commute, without the shackled office, and living in the place of your dreams, with access to all the world’s culture, sounds like a science fiction utopia. But, it’s very real indeed. It’s the future of luxury, and it’s called remote work.”

Encryption: The Key to Network Security

Posted: 4th December 2013 by VPN Haus in Industry Commentary, VPN
Tags: , , , , , ,
0

In the network security industry, we see firsthand how encryption prevents a wide range of security breaches, protects corporate networks and safeguards sensitive, personal information and communications. As hackers are constantly on the prowl for new methods and attack vectors, and even governments are now monitoring networks, encrypting data has never been more necessary. Despite this increasingly apparent fact, many organizations have been slow to adopt encryption in all of their network communication mediums. The newly released Encrypt the Web report by the Electronic Frontier Foundation (EFF) illustrates that even large, well-known enterprises are susceptible to lapses in properly securing network communications.

Only four out of eighteen enterprises surveyed by the EFF received perfect scores in all five of its encryption best practices categories, which shows that there is still significant progress that needs to be made in securing network communications. A range of other organizations, including such prominent names as Yahoo!, Facebook and Twitter, recognize that securing their data is important, and they are currently planning to encrypt communications between their data centers over the next year, to make sure that sensitive information, such as personal and financial data, is safe at all times. Other businesses should follow their lead.

“They understand their customers want privacy and security, and are willing to deploy additional measures to ensure crypto is in place against a wide variety of attack vectors,” according to Kurt Opsahl, a senior staff attorney with the EFF. “This helps their customers feel more secure about their data.”

Beyond implementing protocols such as HTTPS and STARTTLS to secure communications over the web, as the EFF’s report recommends, enterprises must secure remote access to their networks on all fronts, including utilizing VPNs to safeguard connections to corporate networks. These robust technologies create a highly secure encrypted tunnel that gives employees access to a network without the possibility of information being intercepted. Cutting-edge VPNs go a step further, in fact, by supporting emerging encryption standards, such as Elliptic Curve Cryptography (ECC).

Enterprises need to fully embrace encryption now. By embedding it in an organization’s culture and within every information transmission medium, a wide range of attacks can be prevented. The EFF hopes that their report will nudge more enterprises to comprehensively implement encryption, and we hope so, too.

 

 

The Security Risks of Remote Support Tools

Posted: 26th November 2013 by VPN Haus in Certificates, Industry Commentary, IPsec, Mobile, VPN
Tags: , , , , ,
0

A recent study has come to light which shows that although remote support tools are being increasingly implemented within enterprises, IT decision-makers are uncertain about their safety. They should be, and for good reason.

The study, conducted by Bomgar and Ovum, focused on the challenges that enterprises face in providing remote support to employees who are using a wide range of devices, such as smartphones and tablets. Although remote support technology can be useful in certain scenarios, organizations are often unaware of the security risks and unprepared for breaches.

According to the research, nearly 25 percent of workers are currently mobile, and as a result, businesses will increase their support for remote workers over the coming 18 months. Despite this, the majority (more than two-thirds) of IT decision-maker respondents were concerned about the associated security risks.

Remote support is alluring because it typically runs in web browsers, which makes it easy to install and utilize on many kinds of devices. However, because it is browser-based, all of the vulnerabilities of the browser can compromise the safety of communications with a corporate network. If a user does not log out properly, an attacker can gain total access to a network, with little oversight by IT. Plus, all network communication is transacted via third-party gateways, which exposes an enterprise’s servers to potential threats.

Enterprises that are looking for all of the functionality, but none of the safety concerns associated with a remote support tool, should instead consider using an IPsec VPN gateway with a remote desktop component and a possibility to check server certificates at the VPN gateway. By using such a solution, an enterprise could have its staff access and control networked computers and devices through a highly secure and encrypted tunnel. It also would have much more functionality than a remote support tool, because it could be used to secure all communications between employees and the corporate network from any device, anywhere.

“The onus is on IT to not only deliver great support to its increasingly mobile and remote workers, but to ensure that the tools being used to deliver support limit security vulnerabilities created by the mobile worker,” said Adrian Drury, practice leader for consumer impact technology at Ovum. Our thoughts, exactly.

 

Cyber Monday: Why Network Security is the Best Gift of All

Posted: 21st November 2013 by VPN Haus in Uncategorized
0

Each year, as millions of Americans are busy surfing the web to find the best Cyber Monday deals, hackers are preparing to take advantage of enterprises when their network security is at its weakest point. It is crucial, then, for enterprises to secure their networks during this time of year, because breaches can be incredibly damaging to a business.

According to Demetrios Lazarikos, IT threat strategist from RSA, “This time of year is not just an opportunity for retail fraud, but an opportunity to launch attacks that take advantage of business logic vulnerabilities, DDoS [distributed denial-of-service] attacks, and more sophisticated attacks as well.”

Hackers are now increasingly breaching networks with Advanced Persistent Threats (APTs), and the holiday season is an ideal time of year for cyber criminals to use them, along with other methods, to exploit myriad lapses in network security. Due to a combination of higher than average network usage and IT administrators being out of the office, enterprises are often unable to react quickly to attacks during the holidays. In fact, 81 percent of hackers surveyed at a recent DefCon said they’re more active during the winter for those very reasons.

It’s no wonder, then, that according to a new study by the Ponemon Institute, 64 percent of organizations said they see significant increases in attack activity during the holidays. But, it is more surprising to learn that despite the fact that they are vulnerable, more than 70 percent of enterprises are not taking the necessary precautions in anticipation of increased attacks.

To prevent network breaches during the holidays, an enterprise should implement a comprehensive security framework that enables all of their systems to communicate, to rapidly prevent attacks as they occur. As part of such a framework, it is important to utilize a VPN wherever necessary – to provide the highest level of secure remote access to a corporate network, especially with staff working from home, the airport or anywhere in between during the holidays.

For IT departments dealing with skeleton staff levels during the holidays, a VPN with central management capabilities is even more critical, because it requires fewer IT administrators to manage an enterprise’s remote access infrastructure, while providing a real-time holistic view. A network administrator can easily manage compliance for a network of thousands of users and immediately revoke access to a user in case of a breach to protect sensitive information from being compromised.

Enterprises must take extra precautions to safeguard their corporate networks as the end of the year approaches. With a smarter strategy for network security, the holidays can be a more peaceful and joyous time of year for enterprises.

 

Developing a Comprehensive Remote Access Security Framework: Network Health and Trust

Posted: 13th November 2013 by VPN Haus in Endpoint Management, IPsec, IT policy, VPN
Tags: , , , , , , ,
0

The need for a comprehensive remote access security framework cannot be emphasized enough. Those looking for proof of this concept need look no further than the recent Adobe hacking, and the chilling implications it has on network security. Our previous two posts in this series have discussed why the proliferation of mobile devices has made corporate networks more susceptible to malicious attacks, how unknown users and/or devices pose a serious threat to network security, and how establishing endpoint identities and roles can help protect against breaches.

But what if cyber criminals could create superficial identities and roles that pass as legitimate? The unfortunate truth is, this scenario is a very real possibility. The most common method cyber criminals use to gain network access is spoofing endpoints’ Media Access Control (MAC) addresses.

A MAC address is a device’s unique hardware number. When employees connect to their networks, a correspondence table relates their IP address to their computer’s physical MAC address. As previously explained, devices can be linked in a relationship registry to user identities based on a particular user/device combination. Once that’s done, a policy can be implemented that will grant or deny network access based on those combinations. Ideally, this process will screen out users that attempt to access the network with invalid credentials. But when a MAC address has been spoofed, another layer of defense is needed.

Though there are several ways to detect a false MAC address, one of the best bets is to simply build a protocol right into an IPsec VPN client. This would allow the client to establish a secure, encrypted connection with the target network and submit device health information. For example, the client would indicate if a MAC address is legitimate, or if it there are signs that it has been tampered with and may be spoofed. Only when credentials for the user and device match the pre-set criteria will network access be granted.

It’s worth noting that a suitable security framework for policy-based network access control is under development in the form of Trusted Network Connect (TNC) by the Trusted Computing Group (TCG). The TNC has specified a protocol, Interface for Metadata Access Points (IF-MAP) that allows the devices to publish or consume security-relevant metadata to/from the Metadata Access Point (MAP) Server. This approach truly incorporates one of the main aspects of a comprehensive remote access security framework: trust-level establishment. Trust level establishment is, at its simplest, conducted by evaluating the access elements such as those previously discussed.

From conducting an initial screening process to determine legitimate devices and users, to enforcing the policies that are established, to cross referencing against user/device combinations, a comprehensive remote access framework can go a long way in terms of securing corporate networks from malicious attacks. Is it a foolproof system? Certainly not, and cyber criminals will continue to try and discover ways to penetrate whatever defenses IT security professionals establish. But by being proactive, and taking precautionary steps such as those we’ve outlined on VPN Haus, enterprises can at least take steps in the right direction.

Older Entries