A recent study of healthcare organizations' networks revealed 33% of malicious traffic was passed through or transmitted from VPN applications and devices. Can you explain the best ways to prevent VPN security risks, as well as the best ways to secure VPN access for our mobile users?
If I were a criminal hacker, I'd certainly try to launch malware attacks and similar exploits over virtual private network (VPN) communication channels. The sessions are encrypted, and thus, there's not an easy way to inspect this traffic. Furthermore, it's usually assumed that any VPN connections and traffic are trusted. After all, who else would it be besides the legitimate user, anyway? (If we only lived in such an ideal world!)
The real challenge with truly securing VPN connections involves two things:
1. Network admins and security managers need to get past the traditional mindset that VPN automatically equals secure.
2. Enterprises must secure the actual endpoint to prevent injections, exploitations or other compromises of the device itself.
Mobile users -- from clerks to executives -- are going to do whatever they can to get their work done and accomplish their personal tasks (and then some) on their mobile devices. It's up to you to set them up for success by working with management to establish reasonable mobile policies and enforce the policies with mobile device management, antimalware, a personal firewall/host-based intrusion prevention system and encryption technologies. Then you must ensure everyone is educated about what is expected, along with the ramifications of non-compliance. I honestly believe the formula is as simple as that.
Once your endpoints are secured, you can look to shore up any deficiencies in your VPN environment. The most common one is a lack of system monitoring and event correlation, which are what provide the insight you need to see the questionable things that are taking place. With those in place, you will end up with a reasonably secure remote access system that's resilient to malicious infections.
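As an illustration of the monitoring and event correlation mentioned above, the following added example (not part of the original answer) attributes IDS alerts sourced from the VPN address pool to the user who held that tunnel IP at the time. The record layouts, the 10.8.0.0/24 pool and all sample data are constructed assumptions.

```python
from datetime import datetime
from ipaddress import ip_address, ip_network

# Constructed sample data. VPN sessions: user, tunnel IP, connect, disconnect.
VPN_SESSIONS = [
    ("alice", "10.8.0.12", "2024-05-01T08:00:00", "2024-05-01T12:00:00"),
    ("bob",   "10.8.0.12", "2024-05-01T13:00:00", "2024-05-01T17:30:00"),
    ("carol", "10.8.0.40", "2024-05-01T09:15:00", None),  # still connected
]
# Constructed IDS alerts seen behind the VPN: time, source IP, signature.
ALERTS = [
    ("2024-05-01T09:30:00", "10.8.0.12", "SMB lateral scan"),
    ("2024-05-01T14:05:00", "10.8.0.12", "C2 beacon pattern"),
    ("2024-05-01T12:30:00", "10.8.0.12", "DNS tunneling"),   # no session active
    ("2024-05-01T10:00:00", "10.8.0.40", "Malware download"),
    ("2024-05-01T10:05:00", "192.168.1.5", "Port scan"),     # not a VPN address
]

def _ts(value):
    return datetime.fromisoformat(value)

def correlate(sessions, alerts, vpn_pool="10.8.0.0/24"):
    """Attribute each alert from the VPN pool to the user holding that IP then."""
    pool = ip_network(vpn_pool)  # assumed tunnel address pool
    results = []
    for when, src, signature in alerts:
        if ip_address(src) not in pool:
            continue  # only traffic sourced from VPN clients
        t = _ts(when)
        user = "UNATTRIBUTED"  # a log gap worth investigating on its own
        for name, ip, start, end in sessions:
            # Tunnel IPs are reused, so match on IP and on the time window.
            if ip == src and _ts(start) <= t and (end is None or t <= _ts(end)):
                user = name
                break
        results.append((when, src, signature, user))
    return results

def alerts_per_user(results):
    """Count attributed alerts per VPN user for triage."""
    counts = {}
    for _, _, _, user in results:
        counts[user] = counts.get(user, 0) + 1
    return counts

if __name__ == "__main__":
    for row in correlate(VPN_SESSIONS, ALERTS):
        print(row)
```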
Ask the Expert!
Want to ask Kevin Beaver a question about network security? Submit your questions now via email! (All questions are anonymous.)