Virtual Private Networks, or VPNs, have become an essential tool for organizations supporting remote workers. They give easy access to and remote control of core business services from outside the office. Equally important, they facilitate the secure, encrypted transmission of data – when used properly. For many businesses, a VPN is a low-cost, effective way to safely connect employees to what they need to do their work, no matter where they are.
Easy access for employees – and hackers?
As remote work becomes the new norm in many industries, VPNs are also increasingly used for everyday tasks. But unfortunately, in the rush to get an influx of remote workers up and running as quickly as possible, security measures may be glossed over, delayed, or forgotten entirely. And that’s a problem when every new device connecting to the company’s network increases the attack surface and exposure to threats.
The same qualities that make VPNs attractive to businesses and their employees – ease of use, single point of access, secure transmission of data – also makes it an attractive target for hackers. Insecure home routers, phishing attacks, ransomware and more can all provide an opportunity for hackers. With just one set of stolen credentials or a computer compromised by malware, a hacker can gain access to the corporate network. From there, accessing sensitive data and escalating privileges within the network is that much easier.
Suddenly, VPNs are no longer a security slam-dunk, but a breach waiting to happen. Even the US Department of Homeland Security has issued an alert about the increased threat posed by VPNs and other teleworking services.
Shoring up VPN defenses with MFA
The trouble with VPNs is that by default they don’t require much to verify that a user is who they say they are. With traditional passwords, it’s all too easy for them to be stolen or guessed. And with more employees working remote, there are just too many factors outside of IT’s control to ensure that every connection is coming from a secure Wi-Fi network on a malware-free device.
The best way to mitigate these risks when using a VPN is to enable multi-factor authentication, or MFA. With MFA, after a user enters their corporate credentials to connect to the VPN, they are also prompted to provide additional authentication factor to verify their identity. Because the additional information is only something the employee could possibly provide – like a fingerprint, or access to a personal smartphone – any would-be hackers are thwarted.
Finding the right MFA for your VPN
Although MFA could take many forms, the best solution is one that offers the highest level of security, while also being fast and easy for workers to use.
For businesses looking to add MFA that will be readily adopted by employees, consider a solution that offers passwordless authentication. Passwordless authentication bypasses the traditional username and password, and instead relies on the use of biometrics on a user’s phone, for example, to verify the user and securely connect them to the VPN.
Biometrics are an ideal choice because they offer additional security that’s also easy for employees to set up and use. With biometrics, a simple swipe of a fingerprint or scan of a face on a personal smartphone allows employees to quickly authenticate into the VPN. The employee always has what they need to log in – no scrambling for codes or clunky hardware. From an organizational perspective, IT has greater insight into and control over employee logins with a universal authentication solution in place.
VPNs can be an important tool for businesses looking to support a remote workforce. But don’t overlook the security that’s essential to protecting business data and assets. MFA with biometrics is a comparatively easy, budget-friendly way to increase security of VPNs while centralizing IT management of employee access and improving the user experience of remote workers.
Learn more about how identity and access management can secure your remote workforce in our latest infographic 10 Ways to Increase Security and Productivity During Remote Work.