According to the latest statistics, almost half of British workers are now working from home. As businesses continue to adapt to the ongoing threat of the Covid-19 pandemic, homeworking has become the safest and most practical option for many organisations. With the explosion in working from home, however, comes the challenge of how to do so safely, particularly with sensitive data and home workers logging in using their home internet connections, and in many cases, their own equipment.
Remote Access VPNs have long been the solution for remote workers needing to access company networks over the public internet. However, this once trusted solution has grown to be increasingly vulnerable due to the surge in cyber security threats. The sudden shift to homeworking as lockdown was imposed, has increased the use of virtual private networks and thus amplified the threats and vulnerabilities.
What makes a VPN vulnerable?
The basis of the problem with virtual private networks is that they allow too much trust between the remote device and the corporate network. The VPN creates a tunnel between the remote workers device and the company network, which although cryptographically secure, can be easily exploited. For example, if the remote worker has ransomware on their system, it can travel through the tunnel and infect the corporate network.
One way around this is to ensure that all remote workers are provided with devices from the organisation, with the necessary safeguards in place. Whilst this may reduce the threat, however, it will not eliminate it.
Another potential vulnerability arises when remote workers use their work devices to access personal emails and social media sites, thus opening up the possibility for phishing attacks and spyware to attack the VPN.
VPN gateways also have multiple vulnerabilities and often need to be patched to keep up with the latest security threats. However, if your remote workers are working around the clock, this leaves little time to apply patches thereby further exposing gateways to attack.
What is the alternative to remote access VPNs?
A Gartner’s analysis in June last year predicted that by 2023, 60% of enterprises will phase out their Remote Access VPN in favor of Zero-Trust Network Access. We could argue that with the huge increase in homeworking and the ever present and growing cyber threats, that this phasing out will happen even sooner.
Traditionally, IT systems took the approach that everything within the network was safe and everything outside was a threat. However, as vulnerabilities increase and cyber attacks become more intelligent, the risk of an attacker gaining access to the network increases. Once inside the network, the attacker has control over everything within it.
Zero Trust Network Access is an IT model that requires strict identification for every person trying to access resources on a private network, whether they are within it or outside it. No one is trusted by default and verification is needed from everyone trying to access any resources in the network. It works on the principle that attackers can come from outside or inside the network, so no one can be trusted. The “trust no one” phrase made popular by ‘X Files’ springs to mind!
One of the core values of Zero Trust Network Access is Multifactor Authentication (MFA). This basically means workers must provide at least two pieces of evidence before they can login. Often this is using 2 Factor Authentication (2FA) – popular on platforms such as Google and Facebook, where users must use another form of evidence other than their password to login. This might include text or email pins, or authenticator codes sent to a mobile device.
How can Matrix IT help your homeworkers?
Matrix IT are here to support your business to operate securely, providing the systems and technologies you need to enable teams to work remotely and keep data secure. We offer a range of cloud services to facilitate homeworking, including Microsoft Office 365 or Azure, with a number of add on, migratory and wrap around services to ensure you have the security you need.
Most importantly, we can ensure your login processes are zero trust, audited and that remote systems are kept secure, with multi factor authentication giving you peace of mind that your remote workers are not compromising your resources.
To find out more about the benefits of migrating to cloud technologies or installing multifactor authentication for your Hampshire business, please contact the Matrix IT team today on 01329 888444.