Implementing a VPN at Work? Follow These Best Practices
Virtual Private Networks, or VPNs, have become an essential layer of IT security as more organisations adopt a hybrid or remote working approach. However, like any aspect of cybersecurity, this tech needs to be implemented the correct way if you want to achieve the level of protection they offer. Here are some best practices for using a VPN in your business.
#1 – Invest in the best product
Not all VPNs are created equal. Some developers are better than others and some types of VPN offer more layers of security than others. It’s essential to invest in the best product for your business:
- Firewall VPN – This restricts access to your network and provides features such as address translation, user authentication, logging, and alarms.
- Hardware-based VPN – This is the most expensive option but is critical for high-performance, high-reliability environments.
- Software-based VPN – If you have multiple routers, endpoints, and firewalls interacting with your network, this option offers flexibility in traffic control.
- SSL VPN – Here, users can connect to VPN devices through a web browser. It then uses a secure socket layer to encrypt information between the web browser and the device.
#2 – Stay updated
Install and action updates from your VPN provider as they arrive. These updates carry usability and security patches, ensuring your VPN operates at the highest level of performance and can detect and protect you against the latest threats. Employees should be encouraged to update their VPN devices regularly.
#3 – Be mindful of bandwidth
VPNs take up capacity on your network, so employees need to be mindful of their traffic on the network to avoid it becoming slower. For example, if you are running a remote team, it should be the policy that personal devices and traffic are discontinued through the network during working hours, and especially during video meetings, presentations, etc. This is because high-traffic activities like having Netflix on at home while you are in a Zoom meeting can slow the network down for people in high-traffic locations like coffee shops or offices, disrupting the meeting and compromising their security.
#4 – Limit VPNs to work devices
Building on the above point, VPNs should be limited to work devices only. By limiting access to company-issued hardware, you help to limit points of vulnerability and protect limited bandwidth. In addition, users should not be able to download whatever they want onto these connected VPN devices, and all software downloads should be subject to the granting of formal permission by administrators.
#5 – Utilise strong authentication
The best form of protection for remote and off-site teams is to use multi-factor authentication on all VPN devices, preferably with a biometric security element. Microsoft servers should also activate Extensible Authentication Protocol-Transport Level Security (EAP-TLS) used with smart cards. A single password, especially when it is not a randomly generated option, is simply not enough protection.
Otto IT is a people-first managed IT solutions provider. Our talented team will help your remote teams find the tech needed to work better and more securely, get your organisation’s message out there, and push peak performance. Chat to our team today about tech solutions that really work.