The COVID-19 pandemic has dramatically transformed the workplace, with more workers than ever working remotely. And many of the changes are here to stay. According to a recent survey, more than 77 percent of HR executives expect the trend toward remote work to continue, even after the outbreak subsides.
To safeguard sensitive company and end-user communications and data, it’s essential to keep remote workers connected while securing and controlling network access. The threat landscape is constantly evolving, and as your company’s Virtual Private Network (VPN) usage escalates, you need to consider how to prevent attacks, and gain better visibility into VPN usage. Public Key Infrastructure (PKI) is a powerful option to support mobile workforces and control virtual network access.
VPN is fundamental to remote access
Virtual Private Networks (VPNs), are the foundation of many remote networking initiatives, and essential to work-from-home initiatives. They apply advanced encryption protocols and mask your internet protocol (IP) address to provide privacy and security, helping prevent eavesdropping, man-in-the-middle and other attacks. With a VPN, your computer at home can securely send and receive data over the public Internet, just as though it were connected directly to a private network.
VPN access is a great way to protect remote employee traffic on the public Internet, but you’ll also want to ensure that only people authorized to access your network can log in. A simple username and password aren’t sufficient to stop today’s sophisticated hackers. To keep your VPN access secure, you’ll need multifactor or strong authentication. Augmenting your password protection with Public Key Infrastructure (PKI) delivers a solid combination of strong security and controlled management that’s easy to use.
Multifactor authentication together with digital certificates provides real advantages for flexible remote connectivity, providing cryptographically strong two-factor authentication that can work from most any location and device.
Strengthening security and control with PKI
A PKI digital certificate provides much stronger security than a traditional password. That’s because it is cryptographically secure, algorithmically binded to an individual or organizational identity or the trusted resource that issued it, to authenticate the right party. You also get more control, such as the ability to revoke access, or set up expiration dates if an employee leaves the company. When you pair PKI with a certificate distribution solution like Mobile Device Management (MDM) your users gain not only strong security, but simple, intuitive use.
Making the most of your VPN
It’s important to remember that your VPN is a shared, limited resource. It’s bandwidth-intensive, so the more you use it, the less bandwidth there will be for others. If performance starts to suffer, your company will need to scale up more infrastructure to keep pace with the increasing usage.
You might not have the resources in place to closely monitor your VPN, but it’s important to set up smart use policy for employees. It’s best to avoid using a corporate VPN for things like streaming services, personal activities like online shopping, software updates and Zoom meetings that don’t require access to applications through VPN.
If you notice the bandwidth is still spread thin, then you can control what can be accessed on your network. For instance, if you’re seeing 90 percent of the bandwidth going to Netflix, you can block it.
Remote networking is here to stay
It’s clear that VPNs are critical for today’s increasingly remote workforce. But like any essential resource, you need to protect them from hackers and other threats. With multifactor authentication including PKI-based digital certificates and passwords, backed by employee education and the right policies, you can ensure that your network resources remain accessible, available and secure—however, whenever and wherever your people are working.
Brian Trzupek is SVP of Emerging Markets at DigiCert. A crypto and security tech by day and night, Brian brings nearly two decades of expertise on many security subjects to the team. He’s constantly innovating use cases for PKI.