Because, what was safe a year or so ago is no longer safe. Many of us relied on remote access programs such as PC Anywhere, Remote Admin and even Remote Desktop to connect to our computers while on the road. However, unless we have a strong username, and an even stronger password it might not be enough as the hackers know all the tricks and looking for the easy ins.
Having a VPN, usually proprietary to the MFG, coupled with strong UN/PW provides a much greater firewall against the ‘hacker’. A VPN connection not only requires a VPN sharedkey password, it requires the users UN & PW. However, the drawback to that is if your computer or laptop is stolen, then it becomes imperative to change the Shared Key immediately. The VPN also provides encryption of the data through the tunnel so if by some means the stream of data is compromised, your data is fully encrypted.
Another form of VPN, which eliminates the need for a VPN client being installed on a desktop or laptop is the SSL VPN. The SSL, short for Secure Socket Layer, is the same protection that is utilized in e-commerce and financial transactions on the web. As you hopefully know, https (vs http) is what you see (URL) when on an SSL connection. Basically it means that a secure connection (Shared Key) has been made and all traffic is encrypted. An SSL VPN connection allows the client to use any computer with web access (Internet Browser) to make a VPN connection via SSL.
Another advantage of either VPN method, is that it allow you to further secure your firewall by sealing an open port. And the less ports open, the better your odds of someone hacking in.
The other day I had a referral call as they were having issues with their network and needed some quick help. Within just a few minutes of surveying their network I had my answer. I didn’t know what the problem was, or how bad it was, but I was quite sure I knew why. And it is probably one of the biggest, and equally, one of the most common problems out there.
The old adage, that the strongest chain is only as strong at it weakest link. Well, utilizing a ‘consumer’ grade router for a network and then having the wireless setup so that employees/customers can get online is a DISASTER just waiting to happen. And so it did for this client and so many others. Just cause it works at home or a friends, is by no means reason to trust it for protecting your business. Most of the time when I explain that in this scenario that any wireless user has access to your entire network they look bewildered. — Well, what else would you expect! And if you are saying “I have a password”, just as my new client stated, wake up! Think about it, now your patients, clients, employees or any of their friends now have it too. And betting bottom to dollar, it will be one of them that hacks you. Scary huh!
If you must rely on ‘consumer’ grade routers or products for your firewall protection. Then additional hardware, configuration and setup is 100% necessary if you also want to provide secure wireless. Even if it is for your employees! An unhappy employee is just as likely to give you something to remember as is your run of the mill hacker.
Your data and your network are your livelihood. Is it worth the risk. And sadly, this won’t be the last time I see it happen. No matter how many times I say it!
In the past, I maintained a backup of my primary working drive on my laptop, so that when I was mobile I had what I might need. However, I had to change my way of thinking, and operation as I feared the day that I would lose or my laptop would get stolen and all that data would be compromised. So, I had to change how I did things.
Now when I travel, I maintain no uncompromisable data on my laptop. If I do need to work on a file, or get something, it takes only a few minutes to securely connect my laptop to my network and away I go.
This same connection provides me full UTM protection as I would have from my office. The downside to this is that I have to have an internet connection and it takes a few extra minutes to get connected. The upside is, that the most I will ever lose is the laptop, and they are replaceable. Certainly a good excuse to upgrade.
So, if you are one of those mobile workers, and you keep private data on your laptop, this might be a good time to consider changing the way you do things.