Through the firewall blocked the VPN flaw
VPN security issue is the core issue. At present, VPN security assurances mainly through the firewall, router, supported by the tunnel technology, encryption and security agreements to achieve the key, enough to ensure that employees secure access to corporate networks.
VPN security issue is the core issue. At present, VPN security assurances mainly through the firewall, router, supported by the tunnel technology, encryption and security agreements to achieve the key, enough to ensure that employees secure access to corporate networks.
However, if an enterprise needs to expand to the VPN remote access, we should note that these directly to the company network or on-line connection always will be the main objective of hacker attacks. This is because long-range work of the staff through the firewall from the personal computer can come into contact with the company budget, strategic plans and projects, and other core elements, which constitute the company’s security weaknesses in the defense system. Although employees will be able to double to improve work efficiency, and reduce traffic on the time it takes, but also for hackers, competitors and business spies into the company has provided numerous opportunities for the core network.
However, the long-distance business and not the work of the security be enough attention: Most companies that company’s network in a network behind a firewall is safe, employees can dial into the system, and the firewall will reject the request of all illegal aloof ; Some network administrators believe that the establishment of firewalls for network and to provide staff with VPN, so that they can through an encrypted tunnel dial into the company network is safe. These views are wrong.
The home office is pretty good, but from the safety point of view, it is a great risk, because the majority of companies use security software for home computer does not provide protection. Some staff members did just entered a home computer, follow it through an authorized connection into the company network system. Although the company’s firewall can be isolated outside intruder, and to ensure that the main office and home office between the VPN information security. But the problem is that an intruder can be trusted users access to the network. Therefore, the encrypted tunnel is safe, the link is correct, but it does not mean that the home computer is secure.
In order to staff hackers penetrated the home computer, the need to detect IP addresses. Statistics show that the use of dial-up connection the IP address almost daily by hackers scanning. Therefore, if the home office with an uninterrupted connection such as DSL link (usually connected with such a fixed IP address), will make it easier to hacker intrusion. This is because dial-up access when each was assigned a different IP address, although it also can be invasive, but relatively more difficult. Once the home computer hacking, he will be able to run their remote VPN client software. If the need to enter your password, you can record on the remote or keyboard percussion view screen, so that hackers can see all the staff.
Therefore, there must be a solution block the remote access VPN security loopholes so that employees can connect with the network fully embodies the advantages of VPN, and will not become a security threat. A personal computer installed on personal firewall is a very effective solution, it can not make the illegal intruder into the company network. Of course, there are still some distance to the work of the actual solution:
All long-range staff must be approved for use VPN.
All staff need to have long-range personal firewall, it was not only prevent your computer from intrusion, but also tell you that the connection of the number of scanned.
All staff should have a long-range intrusion detection system, to provide information on the records of hacker attacks.
The IT team should be user-created home systems, so that more easily find weaknesses in the system, and can in a targeted manner robust system, rather than allow users to purchase, ordering systems.
In the office of the computer management approach to remote office staff should be equally effective.
Remote monitoring system installed in the software, and restrictions can only be used in the work.
Company’s IT team needed to these systems and office systems of the same regularly scheduled inspections.
On the staff of sensitive documents should be encrypted.
Installation requires a password access control procedure, if a password error, the system administrator via modem to the alarm.
Remember to go out to work should not be alone on the hotel computer room or car, do not let through VPN into the company’s computer network to leave your sight.
Go out to work so that the computer should have multi-level security protection, such as screen lock or activate password.
When the choice of DSL providers, should be selected to provide security protection suppliers.
Subscribe Feed
Contact Us