IT teams should look for services with automatic alerts about user behavior, logging, scalability, and central management.
As remote work becomes the new normal, IT teams have to take a second look at solutions that worked in March 2020 but may not be the right choice now. In addition to implementing multifactor authentication and considering a zero-trust approach, IT leaders should determine how a virtual private network (VPN) fits into the overall security plan.
A VPN provides two basic services: Encrypting data between two points and hiding a user’s IP address, as David Gewirtz explains on ZDNet.
SEE: VPN: 5 reasons business pros should always use one (TechRepublic)
Sebastian Stranieri, CEO, VU Security, said that all users who work remotely for a company that has a corporate network should use a VPN. He said VPNs provide three central benefits:
Stranieri said people should use a VPN for personal online activities as well and avoid free services.
Juta Gurinaviciute, chief technology officer at NordVPN Teams, said a company’s needs and the technical characteristics of the service are the two main pillars of choosing a VPN.
“Some try to protect their corporate network perimeter, those working remotely focus on the end user’s resilience, and others primarily need cloud protection,” she said.
Gurinaviciute said IT leaders should also consider secondary technical parameters, such as connectivity, speed, supported devices, and the number of permitted connections.
IT teams should consider how a VPN could affect latency, according to Gurinaviciute, as sending encrypted traffic can slow the overall flow.
“However, this is the considerably low price enterprises have to pay for their resilience and data protection—especially with today’s increasing bandwidth, optical networks and 5G connections,” she said.
Gurinaviciute said that VPNs are one element of an overall cybersecurity strategy because this technology can’t defend employers and staff from social engineering attacks or malware that is already inside the network perimeter.
“VPNs work best simultaneously with antimalware programs and the development of cybersecurity education within a company,” she said. “To lower the risk, enterprises can take a step beyond VPN and implement zero-trust network access solutions, thus limiting employees’ connection to sensitive corporate information.”
Rob Smith, a senior research director at Gartner, agreed that many companies should be thinking about migrating to a zero-trust solution to manage access and security instead of picking a VPN. However, he said that VPNs are still important for some industries with significant investments in data center operations that are not moving into the cloud any time soon, such as city governments and financial firms.
“For many finance companies, they hope to be 80% in the cloud in the next five years,” he said.
Another factor to consider is a remote worker’s level of connectivity. Some employees working from home have fast connections that will support a desktop-as-a-service solution to security and access. Individuals with slower connections will not.
Maxime Trottier, vice president of sales and marketing at Devolutions, said that IT teams should look for these features in an enterprise VPN:
Trottier suggested considering a service with a kill switch.
“In the unlikely event that your VPN connection drops, you’re at risk of using a regular unprotected connection managed by your ISP—and you might not even know if this happens,” he said. “A kill switch prevents this by shutting down apps and preventing access to websites as soon as the connection is lost.”
Trottier also said that configuring, managing, and optimizing enterprise-grade VPNs are much more complicated than personal VPNs. He recommends checking the levels of support a provider offers as part of the selection process.
IT teams also should calculate how many simultaneous connections a VPN can support to avoid hitting a user cap which prevents additional employees from logging on, Trottier said.
He also recommends finding a VPN that provides real-time push notifications so that employees who break the rules (even by accident) can be identified and stopped.
Trottier also recommends taking into account user experience when selecting a VPN.
“Choose a VPN that will not materially degrade user experience, or else some employees are going to try and circumvent it,” he said.
Finally, it’s important to find out if a VPN vendor is going to re-sell your data.
“If so, and if this is a problem (and it probably is), then find another vendor who confirms that they will wipe all logging data,” he said.
24World Media does not take any responsibility of the information you see on this page. The content this page contains is from independent third-party content provider. If you have any concerns regarding the content, please free to write us here: contact@24worldmedia.com
Marnus Labuschagne Caught Off-Guard By ODI Captain Call After Steve Smith Snub
Everyone Is Looking Forward To It, The Standard Will Be Very High – Jacques Kallis On CSA’s SA20
Danushka Gunathilaka Granted Bail On Sexual Assault Charges
Ramiz Raja Sends Legal Notice To Kamran Akmal For Defamatory, False Claims Against The Board
Harbhajan Singh Reckons Mumbai Indians Should Release Kieron Pollard Ahead Of The IPL Auction 2023
Ian Bishop Praises Sam Curran For His Performances On Bouncy Australian Tracks
Why Choose A Career In Child Psychology?