Remote access and VPN provides convenience but can also be used to compromise company network when not implemented correctly. We have put together a recommended usage document, implemented in our own establishment, to better help you secure your employee data, network and company information.
Remote Access and Virtual Private Network (VPN) Defined:
Remote access is connecting to another computer system from outside the office.
A Virtual Private Network (VPN) is a secure connection through an otherwise insecure network, typically the “Internet”.
Security Connection Scenarios and Recommendations:
VPN Connection to Company Network –
Any computer connecting to a company network with a VPN access is equivalent to opening a security hole in the network.
We recommend any computer with VPN access installed, is a company device fully up-to-date with current anti-virus and is managed by the company.
VPN Connection by 3rd-Party Vendor –
When providing VPN access to a 3rd-party vendor, the company entrusts the 3rd party vendor to make sure their system is fully up-to-date and secure.
We recommend the 3rd-party company provide a copy of insurance and sign an agreement stating they are responsible for keeping the information secure and confidential.
Remote Access from Public Computers –
In some cases, remote access is required from a public or home computer that is not protected by monitored antivirus software.
For individual computer access, we recommend the employee is set up with LogMeIn to connect to a dedicated computer located in the office securely. For a remote connection for multiple users, we recommend a remote desktop server with a remote gateway installed to provide a secure connection to the office resources.
For additional information or recommendations on how to secure your company from a data breach, please contact ECS Sales representative.