Misleading security - conventional VPN connection for working from home

Partly, though not only, because of the rapid spread of coronavirus, you have sent as many of your employees as you could to work from the safety of their homes. Despite the necessary rush, you or your IT team have probably considered how to secure the connection for those working remotely. The solution is, of course, a VPN (Virtual Private Network). But is it really secure?

A VPN connection is encrypted, but encryption alone is not enough to guarantee protection from all cyber threats. Apart from the secure connection, you also need security controls on the end devices and the network. Other aspects must also be considered when using a conventional VPN solution.

Challenges and limitations in the use of VPN solutions

In many cases, remote work means using personal devices. These usually have a significantly lower security level than the company’s IT. What’s more, there is a danger of employees using company devices for surfing the Internet at home. Taking this into consideration, appropriate cyber protection is a must. If the device used for remote work is infected, a VPN won’t change anything. The attacker is already one step away from accessing the entire company network.

Establishing a VPN for remote work in the traditional way means that all traffic is routed through the company network, including, for example, traffic to cloud applications such as Office 365, Salesforce, etc. that are used in the company. This can lead to high utilization or even overload of the available bandwidth. It’s a real problem, especially in this critical time, when the number of employees working from home has skyrocketed.

In any company, a VPN connection must be established by experts and, more importantly, managed by them. Otherwise, it can lead to additional cybersecurity issues instead of ensuring a secure connection for the remote workforce. Government cybersecurity organizations around the world, such as the U.S. Department of Homeland Security's Cybersecurity & Infrastructure Security Agency (CISA), are already warning of these threats.

CISA directs this warning especially to companies that use VPNs for remote work. They must be aware that hackers are looking for vulnerabilities in such solutions and actively exploiting them.

More than VPN - Veronym has the solution for remote work cybersecurity

Veronym offers a cloud-based cybersecurity service, which is fully operated in Germany. The service is ready for use in minutes and doesn’t require integration with the company’s infrastructure. Users are managed through our Customer Portal. Thanks to the flexible subscription model, you can subscribe and unsubscribe on a monthly basis; there is no need for upfront investment or additional employees.

For network security, we provide a VPN connection from your device to our cloud solution. In the cloud we inspect the traffic, searching for and blocking any harmful activity. The protection is based on technology from Palo Alto Networks. To send the traffic from our cloud to your company, we establish a second VPN connection. This requires an adjustment to the company’s firewall configuration.

The cloud-based service from Veronym can also be used as a secure gateway for direct access to the Internet. This ensures that all traffic generated by cloud and network applications is protected, but does not have to be transmitted over the company's network; thus, we avoid reducing its capacity.

The second crucial element of our solution is the protection of devices used for remote work. Here, we use market-leading security technologies from CrowdStrike and support all popular operating systems: Windows, macOS, Linux, iOS, and Android.

This is especially important when employees have to use their own devices to work from home. With little effort, the devices can be managed in the Customer Portal and included in the company’s cybersecurity without integration.

With our Cyber Defense Center (CDC) we automatically monitor your employees’ remote workstations round the clock and notify you immediately if we find critical anomalies. Once a week we send you an accessible report about the use of our services, as well as user statistics for your company.

Through our cloud-based Security-as-a-Service portfolio we want to ensure your company’s security during the coronavirus crisis and, of course, beyond; after all, data processing is increasingly mobile. With us, you don’t need expert knowledge, and it takes only a few minutes to install our service. This is exactly what secure remote work is all about, especially now.

Fig. 1: VPN connection between the device and the company network. The traffic to the Internet and cloud applications is routed through the company network.

Fig. 2: Remote work with Veronym

  1. Market-leading device security (incl. EDR)
  2. VPN connection from the device to Veronym
  3. Security inspection of the traffic
  4. VPN connection between Veronym and the company network
  5. Secure, direct connection to the Internet and cloud services

Original article (in German) available here.

About Ariadna Pawluk

Cybersecurity enthusiast, hunting all the freshest news, insights and tidbits.