How secure is a VPN? Is it the most secure remote access method?
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Generally speaking, a virtual private network (VPN) is a common way to allow remote users to connect to your corporate network. VPNs are widely used by telecommuters, business travelers and those simply seeking to get in a few extra hours of work from home at night, but how secure is a VPN?
VPNs work by using encryption to simulate a direct connection to a private network. When you’re in the office, you usually have an Ethernet cable extending from the back of your computer to a jack in the wall that provides you with direct access to the corporate network, where your activities are protected from prying eyes by physical security and network perimeter protection.
Obviously, those security controls don’t apply when you’re sitting at home or on the road. Your communications must travel over the Internet back to your office and, during that transit time, they’re visible to anyone who may happen to be at a waypoint between the two locations. VPNs allow a software client on your computer to connect to a VPN endpoint on your corporate network. The client and endpoint then establish an encrypted tunnel that protects all of the communications between your computer and your corporate network so they are essentially illegible to prying eyes.
The downside to a VPN is it grants direct access to systems on your network to remote computers you may or may not control. While many organizations depend exclusively on VPNs to provide security for remote users, you may also wish to consider the use of additional security controls to supplement them, especially if you will have computers you don’t manage connecting to your network.
One common approach to achieve the most secure remote access is to require remote users connect to a VPN and then use application virtualization to allow screen sharing of an application running on a server on your corporate network without allowing direct access to the network by the remote computer. This reduces the risk of an infection on the remote computer spreading to systems on your corporate network.
You should also consider limiting the access VPN users have to devices on your corporate network by segregating them into a special VPN network that is firewalled off from the remainder of your enterprise network.
Ask the Expert!
Have questions about enterprise network security? Ask expert Mike Chapple! (All question submissions are anonymous.)
Dig Deeper on IPsec VPN Security
Related Q&A from Mike Chapple
The OWASP Top Ten list is not a compliance standard but a set of best practices for enterprises looking to boost Web app security. Here's how to get ...continue reading
A data breach notification policy is important to have, but deciding how to alert customers can be tough. Expert Mike Chapple explains some best ...continue reading
Tokenization technology can be confusing. Expert Mike Chapple explains what the difference is between two types of tokens and how tokenization can ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.