Secure VPN boosts business continuity

Business continuity is subject to many unexpected events, one of which is the weather. When New York got covered by 9 feet of snow, practically everyone had to stay home until the roads were clear. But the productivity of some businesses was virtually unphased by the tons of snow because they use secure VPN access to log into their corporate network from the comfort of their own home. VPN, meaning virtual private network, lets packets traverse the Internet encrypted so they cannot be read by malicious entities. The end result is that using a VPN is virtually equivalent to plugging your ethernet cable into the wall.

Of course one wouldn’t want to use one-factor authentication on a resource as valuable to attackers as a VPN, so anyone who accesses the VPN should be required to use multiple-factor authentication. Some businesses implement this with SecurID tokens that change numbers in a pseudorandom fashion, others use certificates that require passwords to unlock them, and some businesses also limit access to the VPN so that only certain whitelisted IP addresses can get in. No matter how you configure it, VPN can save your business big bucks by allowing your workers to be productive from home on snow days.

This entry was posted in General InfoSec by Troy Vennon. Bookmark the permalink.

About Troy Vennon

I recently separated from the U.S. Marine Corps after 8 years. I spent the first 3 1/2 years building classified and unclassified networks all over the world. There was a natural progression from building those networks to securing those networks. My last 4 1/2 years in the Marine Corps took me to Quantico, Va where I was stationed with the Marine Corps Network Operations and Security Command (MCNOSC). While with the MCNOSC, I was a member of the Security section, which was responsible for the installation and daily maintainance of the 34 Points-of-Presence that made up the Marine Corps 270,000+ user network. After a period of time with Security, I moved over to the Marine Corps Computer Emergency Response Team (MARCERT). There I was the Staff Non-Commissioned Officer of the MARCERT, which was responsible for the 24x7 monitoring of network traffic across the Marine Corps. Specifically, we monitored network traffic for malicious intent and investigated any network incidents as they occurred. While with the MCNOSC, I attained my CISSP, CCNA, and OPST (OSSTMM Professional Security Tester). I have been with MicroSolved for the past 4 months as the Senior Security Engineer, Technical Lead, and Project Manager.

Leave a Reply