Remote access for employees — and for data thieves
August 3, 2010 by Steve HannafordPosted in: In this week's e-newsletter, Latest News & Views, Security
New technology that lets users connect to the company network from remote locations could be doing the same thing for criminals.
As the use of telecommuting and corporate laptops has increased, the use of Virtual Private Networks (VPNs) has mushroomed. The benefit of having access to centralized data is a major productivity boon to your employees. But, as experts note, it may open up your system wide up to data theft and malicious tampering.
Worst of all, the proliferation of Blackberries, iPhones and now tablet computers is starting to make the job of securing VPNs even harder.
The problem, according to security company NCP Engineering, can be minimized with the right steps. Most VPN software packages have controls that can make the hacker’s job much more difficult, The problem is that many company’s VPN networks get set up and “left on auto-pilot,” even as the threat level changes.
To reduce the risk with VPNs, follow these steps reported by NCS at the Black Hat 2010 security conference in Las Vegas:
- Keep up with software updates: That includes updates on the host and on the remote users’ side. VPN companies keep refining security features in response to what’s out there, but that does no good if the updates aren’t installed in a timely way.
- Train: VPN can be plug-and-play, but security is enhanced when end users are instructed on best practices for passwords, and
- Use administrative tools: Most VPN software allows administrators to define exactly which remote devices can get access through the software (Same Origin Restriction), limiting the threats from outside. Also important is making sure the list of users is kept up to date, so that ex-employees don’t have access to the VPN.
DocuCrunch.com delivers the latest IT and Imaging news once a week to the inboxes of over 200,000 IT and Imaging professionals.
Click here to sign up and start your FREE subscription to DocuCrunch!
Tags: remote access, telecommuting, Virtual Private Network, VPN
Loading ...
August 5th, 2010 at 8:31 pm
If you have any global VPN licenses, which I believe a TZ 170 will come with one, I would use the Sonicwall for the VPN. I would read the manual for the TZ 170, it should give you a starting point for setting up the Group VPN and configuring the VPN client.