Digital Craftsmen share best practice on how to secure VPN access across your business organisation.
Working from home is fast becoming a business norm, with more employees now enjoying the flexibility it offers them, and businesses, in turn, realising cost savings and increased employee satisfaction. According to figures from the Office of National Statistics, the numbers of employees telecommuting has increased to 4.2 million, with 34% of these working for a large organisation.
This has added another level of access and security responsibility to the already busy IT team workload, as employees need to access company information when working remotely.
Virtual Private Network (VPN) connections provide access to a company’s private, internal network to their remote users or regional offices. VPNs securely tunnel the data between the remote user and the company network, to ensure the data and files you are sending over the VPN are secure.
Although VPNs are designed to secure your company’s private network, using encryption and other security measures, there are some important details and best practices to secure your Virtual Private Network.
Operating in the cloud comes with its own challenges around access and security. Some of these challenges are dictated by company policy and others are externally mandated; typical examples are PCI compliance and sensitive data storage.
Most large deployments in the cloud are within ‘Virtual Private Clouds’ that use private IP address ranges and this immediately restricts the types of access your team can have to the system. The solutions are generally a fixed/private line into your cloud systems or a VPN to ‘tunnel’ traffic through an encrypted session between two points.
If you’re working with teams who need to connect into an environment\system and you have specific security requirements, then the answer to the question; whether to have secure connections to the business VPN, is invariably: YES.
The traditional method for accessing such a remote site would be a bastion host\jump box which administrators connect to, and then make onward connections to your servers. The modern weapon of choice for system administrators is VPN connectivity and for good reasons:
Using VPNs to connect into your cloud environment allows developers and users of those systems to transparently connect over encrypted tunnels to the systems to which they have been granted access. Access can also be logged and audited regularly if required, which is typically essential when processing financial information.
Operating your own VPN infrastructure can be a complicated undertaking, there may be improvements you can make to enhance reliability, security and availability – speak with your administrators and check what is possible with your systems:
Choosing a provider to manage these services for you is a sensible option, as transferring such risks to a third party removes this overhead from your already busy IT team. You should opt for a company with ISO 27001 accreditation who manage risk in a consistent and auditable way.
ISO 27001 provides internationally recognised confirmation that security best practice is being followed and organisations have taken appropriate steps to secure personal information in line with the requirements of EU data protection laws, including the forthcoming EU General Data Protection Regulation (GDPR), which will supersede the EU Data Protection Directive.
Digital Craftsmen offers specialist cloud managed services, so if you’re looking to migrate a legacy IT system or application to the cloud, we can support you.
Contact Digital Craftsmen now to see how we can help with keeping your business secure in the cloud.